Polish cyberattack sharpens storage risk focus

Polish cyberattack sharpens storage risk focus

Polish renewable sites have exposed sharper battery storage cybersecurity risks. The incident affected communications and control visibility across around 30 wind and solar sites, sharpening scrutiny of operational resilience, protection architecture, and insurance coverage.


IN Brief:

  • A 2025 cyber incident affected communications and control visibility across roughly 30 Polish renewable energy sites.
  • Battery storage creates a broader risk profile because control systems govern safety, dispatch, and operating limits.
  • Cyber resilience is becoming part of storage bankability, grid compliance, and asset insurance assessment.

A cyber incident affecting around 30 wind and solar sites in Poland has sharpened scrutiny of battery energy storage systems, particularly where distributed assets depend on remote access, communications infrastructure, and control interfaces.

The December 2025 incident disrupted communications infrastructure and control visibility across distributed renewable energy sites. Generation was not directly manipulated, but the event showed how interference with the operational edge of renewable infrastructure can create grid-management, availability, and insurance concerns.

For wind and solar generation, the distinction between disrupted visibility and direct manipulation remains significant. For battery storage, the boundary is narrower. A BESS control layer governs charge and discharge limits, inverter behaviour, cell safety, thermal management, emergency shutdown, and interaction with grid services. Access to remote terminal units, protection relays, operator interfaces, or exposed edge devices can therefore affect more than monitoring.

Specialist broker McGill and Partners has linked the Polish case to an attack pathway already understood across operational technology: compromised internet-facing devices, weak authentication, reused credentials, and access into OT-facing systems. The practical concern is the combination of distributed renewable assets, remote access, and operational equipment that may not have been designed around today’s cyber threat environment.

Insurance treatment is becoming more complex as storage assets sit between property risk, technology performance risk, cyber risk, and grid-service liability. A conventional property policy may not respond in the same way as a cyber policy where the initiating event is digital but the resulting loss involves physical equipment, lost availability, market penalties, or safety intervention. That split becomes more difficult as storage projects grow larger and rely on multiple revenue streams.

Power infrastructure has already been moving in this direction. At Hannover Messe, grid-edge control, storage systems, cyber-secure electrical assets, and virtualised protection took a larger role in industrial electrification discussions, with power infrastructure increasingly tied to controllability and system resilience. Battery assets, EV charging, AI loads, and distributed generation are now part of the same operational architecture.

Procurement practice is beginning to reflect that shift. Battery projects are no longer isolated electrical installations with a grid connection and a revenue model. They are digitally operated assets with external communications, firmware dependencies, trading interfaces, energy management systems, grid-code requirements, and remote optimisation. Each layer adds capability, but also expands the system boundary that has to be protected, monitored, and contractually allocated.

For developers, lenders, asset owners, and network operators, cyber due diligence is moving closer to technical due diligence. Equipment stacks now require scrutiny across inverter controls, battery management systems, EMS platforms, SCADA connectivity, remote access, identity management, incident response, logging, and supplier access. Underwriters are likely to seek clearer evidence that control layers are segmented, monitored, recoverable, and tested under realistic failure conditions.

The Polish case has reduced the distance between theoretical risk and operational precedent. As storage becomes a normal part of grid flexibility, the systems that trade, optimise, and protect those assets will need the same engineering discipline as the electrical plant itself.