print PRINT


METI to require small, renewable energy utilities to plan against cyberattacks

  • July 25, 2020
  • , Nikkei , p. 4
  • JMH Translation

The Ministry of Economy, Trade and Industry (METI) will make it mandatory for small renewable energy utilities to take measures against cyberattacks on their power plants. The ministry expects power generation will increasingly rely on remote online control, increasing the need to prevent hacking from outside. The new rule will apply to new power distribution contracts starting this October.


Cyberattacks against social infrastructure are on the rise. In Germany, a steel plant’s control system was hacked in 2014, resulting in the loss of the production facility. In Ukraine, power plants were attacked and controlled remotely, causing hundreds of thousands of households to temporarily lose power. By encouraging utilities to take steps to guard against cyberattacks, METI hopes to prevent such attacks from causing large-scale blackouts.


The companies will be required to formulate preventive measures as well as measures to take after their systems are hacked.


The former involves strictly separating the power plant’s control system from the internet service, so that hackers cannot take control of the facility. The latter includes smooth notification and sharing of information between relevant parties.


In accordance with the Electricity Business Act, utilities will describe the specifics of the measures in a document they prepare called “technological requirements.” By doing so, utility companies who connect to the power distribution network will be obligated to abide by the rule. Until now, small renewable energy utilities, whose total output is less than 10,000kw, were exempt from the obligation to implement anti-cyberattack measures.


However, the use of small-scale and dispersed energy sources such as solar power and wind power are expected to grow, and more facilities will be controlled online in the future. The prospect moved METI to require utilities to implement the anti-cyberattack measures for their facilities, including small-scale ones, that connect to power cables.


In addition to the new contracts starting from October, METI will request existing facilities follow the same rule as well.

  • Ambassador
  • Ukraine
  • COVID-19
  • Trending Japan