DERs & Microgrids at Risk: How Adversaries Exploit Distributed Energy

This Dragos Threat Perspective warns that Distributed Energy Resources (DERs) and microgrids are being actively targeted by APTs, ransomware operators, botnets, and hacktivists—exploiting internet-exposed controllers, insecure vendor access, legacy firmware, and industrial protocols—to cause disruption across utilities, manufacturing, oil & gas, and data centers. It outlines observed campaigns (VOLTZITE, KAMACITE, Akira, RansomHub), common weaknesses, and prescribes OT visibility, threat-informed detection, and tested incident response to reduce risk.