IOActive Principal Consultant Colin Cassidy will be presenting ‘Acme Windpharm’ at this year’s BSides OT UK, taking place April 10 in Bristol, UK. You can find the abstract of the presentation below. Looking to speak with a member of our team during the event? Register on our ‘Book a Meeting in Advance Page‘ to ensure we can save some time for you!
ABOUT THE EVENT:
“BSides OT UK is the first specialised BSides event in the UK. This community-driven event is aimed at both experienced and new OT security professionals, students, or anyone else with an interest in OT security. Our inaugural event will be held at the University of Bristol on the 10th April 2026, and will then move around the country each year.”
ABSTRACT:
The talk will cover the basics of windfarms and their operations, I’ll briefly discuss prior research in this area, noting that those findings are still valid today. Then the core of this talk will focus on identified security threats and their mitigations based on real life assessments. The impact these threats can have both in terms of windfarm operation and the physical damage that can be caused. I will show how physical and remote access to the windfarm can be gained, and by investigating the vulnerabilities found, I will show that there is an over-reliance on security boxes and buzzword solutions that has left general, basic, security hygiene lacking. So much so that that in some cases, not only have systems not been patched, but they were installed insecurely in the first place. I will then discuss the 2019 UK outage and the part played by windfarms in that, from the initial outage to their impact on restoration as a result of how micro generation is modelled within control systems.
There will be two key takeaways from this talk. Firstly, I will be busting the myth that ‘cutting off the supply’ is the most interesting attack that can be performed. It is the most likely, and one of the simplest attacks, but it is not the most interesting. Secondly, I will cover a point often glossed over in other talks. When an attacker ‘takes control’ it is often simply left at that, as if taking control was the ‘win condition’. This talk will cover some of the more interesting cyber physical attacks that can be performed on a wind farm and look at some of the ways that actual physical damage could be caused.