Scorpions nailed it when they sang that “the future is in the air” thirty years ago. It always is, one just has to learn how to sense it in time to make the changes and choices needed.
And today we are living in one of those proverbial eras where we need to sniff the air carefully. Because change is coming. It’s coming fast, and it is not going to give us much time to think about it… if any. We are after all about to change a page, if not a whole chapter, in our collective energy history.
And no, I am not referring to the exciting changes that are happening within the Smart Energy International family.
I am also not referring to me gratefully picking up the baton that Claire Volkwyn gracefully honoured all these years (although believe me when I say that I am often going to tap into Claire’s endless source of industry knowledge). Nor am I talking about the slight shift in focus and gear that Smart Energy International will undergo and that you will all witness in the weeks to come. Although I do expect you to feel at least a little excited about it.
And, I am not even hinting at the collaboration between Enlit Europe and Smart Energy International, both intrinsically linked in an effort to be your best source of news, expertise and analysis in the energy sector. Although our little #oneteam movement is worth the attention.
No, I am referring to a story that dominated the energy news over the past couple of weeks and even became a mainstream sensation: Npower’s data hack.
Npower, the UK energy supplier that was taken over by E.ON in 2019, saw its mobile app hacked in late February. If the reports are correct, personal information of customers, including contact details, dates of birth and addresses were accessed, as well as the last four digits of bank accounts.
And just like that, Npower experienced its very own embrassering Sony PlayStation moment…
However, this was a very serious incident. A data hack issue might become some other utility’s problem soon since, to put it in Francis D’Souza’s, Esmig’s cybersecurity expert, words: “I’m pretty sure there’ll be about 50,000 hackers around the world right now who are trying to replicate the Npower hack on the apps of all other utilities globally. And it’s actually really easy to do.”
IoT and telecommunication services assist utilities immensely in their digitalisation journey. It’s a truly elementary, sine qua non-sort of thing. However, these technologies do also open the door to all sorts of attacks and hacks. This is an uncharted area for utilities, hence the page changing reference, and they need to prepare themselves for that. Fun fact: they already have all the ingredients and they don’t need to re-invent the wheel. They can follow the example of banks. A simple two-factor authentication that banks around the world already use would have prevented this hack from happening, and as Francis says, “it’s very simple to implement”.
In other words, utilities already have all that they need. All they have to do is connecting the dots. But how can they connect them, when the dots sit comfortably in their well-protected siloes within the mother ship? Isolated and doing “their own thing”. Well, ladies and gentlemen, there is no “own” thing. We are in this together. But I am truly optimistic about utilities focussing on their “cyber” issues now that the winds of change are blowing. The new EU DSO entity that is about to be born gives me one more reason why to be optimistic.
One last thing that is buzzing in my mind all this time, but I haven’t read anything about: What about liability? Will the companies be responsible and liable for any actual thefts that occurred after being hacked and because of it? Or will they simply say to their customers: “Oops, sorry, here is the number of a good lawyer, we wish you the best of luck”? I certainly hope not, but I would also like to know, what do you think?
Editor, Smart Energy International
PS1: If you wish to learn more regarding security by design, I strongly recommend this Datatopia discussion hosted by Enlit Europe 365 back in November 2020.