Cybersecurity challenges around selling energy back to the grid
April 2023
IT in Manufacturing
By Simeon Tassev, MD and QSA at Galix

Simeon Tassev.
Utility providers are traditionally an attractive target for cybercriminals, evident by the number of high-profile attacks, both globally and locally, in recent years. In fact, the ransomware supply chain attack on the Colonial Pipeline in 2021 became the largest attack in US history, with the payment of a $4,4 million ransom. With President Ramaphosa’s recent plans to expedite the ability for households and businesses to sell surplus electricity from rooftop solar panels into the national grid, the cybersecurity question must be raised. We need to understand the potential threats and vulnerabilities of so many more connected endpoints and take steps to address them to minimise the risk of attack.
Digital means connected
South Africa’s power needs have grown out of line with the utility providers’ ability to supply, and many homes and businesses have turned to rooftop solar to address their own requirements. The infrastructure obviously needs to be adapted to allow for this, and there has been a lot of thought given to the billing processes and how electricity will be charged for and rebated in this new system.
However, due consideration must also be given to the cybersecurity requirements of this. In order to sell excess energy back to the grid, these private systems will need to be connected, creating a giant web of distributed devices, all digital, and all with varying means and levels of intelligence and connectivity, and all a potentially vulnerable access point for those with malicious intent.
Without considering the cybersecurity element, we risk creating thousands of additional vulnerabilities in an already attractive cybercrime target. In addition, there is a risk that these endpoints could be used to target businesses and individuals, if they are compromised.
Understanding is key
Connecting individual producers will be key in securing the country’s energy needs going forward and is a vital step that needs to be taken. It is also a significant part of the ultimate goal of creating smart cities and smart energy grids and solutions. However, any device that is connected is essentially a device that forms part of the Internet of Things (IoT) and could potentially be an entry point.
With electricity, many of these devices were not designed for connected purposes or to be accessed externally, and this alone makes them inherently vulnerable when they are connected. Risk assessments and due diligence must be performed around this, because the more systems are opened, the more they need to be secured.
The moment any system is opened to the internet, there are potential new threats that need to be understood, evaluated, and minimised, and measures need to be put into place to prevent attack and compromise. With multiple different systems configured in various ways, this can become quite a complex task. In addition, external and remote monitoring tools need to be considered in the complexities, as they too could be a point of entry.
The bottom line is that these risks need to be assessed and understood, because if there is a back door, an opening, or a vulnerability, eventually a bad actor will find a way to exploit it. Securing South Africa’s energy future needs to involve significant conversations not just around sustainability, but cybersecurity as well.
Further reading:
Siemens’ PAVE360 to support new Arm Zena Compute Subsystems
IT in Manufacturing
Siemens Digital Industries Software is expanding its longstanding relationship with Arm and adding support for the newly launched Arm Zena Compute Subsystems in its PAVE360 software, designed for software-defined vehicles
Read more...
Fortifying the state in a time of cyber siege
IT in Manufacturing
In an era where borders are no longer physical, South Africa is being drawn into a new kind of conflict, one fought not with tanks and missiles, but with lines of code and silent intrusions. The digital battlefield is here, and cyber space has become the next frontier of conflict.
Read more...
Levelling up workplace safety - how gamification is changing the rules of training
IT in Manufacturing
Despite the best intentions, traditional safety training often falls short, with curricula either being too generic, too passive, or ultimately unmemorable. Enter gamification, a shift in training that is redefining how businesses train for safety and live by those principles.
Read more...
Reinventing data centre design: critical changes to meet surging
Schneider Electric South Africa
IT in Manufacturing
AI technologies are pushing the boundaries of what is possible which, in turn, is presenting data centres with a whole new set of challenges. Fortunately, several options are emerging which include optimising design and infrastructure for efficiency, cooling and management systems
Read more...
Watts next - can IT save the planet
IT in Manufacturing
The digital age’s insatiable demand for computing power has collided with an urgent and pressing need for sustainability. As data centres and AI workloads consume unprecedented energy, IT providers are pivotal in redefining how technology intersects with environmental stewardship.
Read more...
South Africa’s digital revolution:
IT in Manufacturing
South Africa stands at a pivotal moment in its technological evolution, poised to redefine itself as Africa’s leading digital powerhouse. Over the past two years, political leaders and media narratives have painted a picture of rapid digital transformation, underscoring the government’s ambition to position South Africa at the forefront of innovation.
Read more...
Smart manufacturing, APC and the SA marketplace
Schneider Electric South Africa
IT in Manufacturing
Manufacturers are prioritising the integration of smart technologies into their daily operations to stay one step ahead of the competition. In South Africa, some experts believe the country has the potential to leapfrog its global peers through the creation of smart factories.
Read more...
Schneider Electric’s Five-Pillar Strategy takes the guesswork out of equip
Schneider Electric South Africa
IT in Manufacturing
Schneider Electric’s Field Service Cycle, otherwise known as the Five-Pillar Strategy, is a structured approach to managing the lifecycle of equipment to prolong asset lifespan while reducing the total cost of ownership for customers.
Read more...
Enhancing operational safety and efficiency through advanced risk-based modelling
IT in Manufacturing
Now, more than ever, capital and operational cost can be reduced while enhancing operational safety and increasing production uptime by applying transformative methods such as Computational Fluid Dynamics modelling.
Read more...
Laying the groundwork in IT/OT
IT in Manufacturing
In the realm of manufacturing, the core mandate is to deliver value to stakeholders. For many in the industry, this is best achieved through a risk-averse approach. Only upon establishing a robust foundation should a business consider venturing into advanced optimisation or cutting-edge technological innovations such as industrial AI.
Read more...