"A Utah renewable energy developer was hit by a first-of-its-kind cyberattack that briefly cut contact to a dozen wind and solar farms this spring, according to documents obtained by E&E News under the Freedom of Information Act.
Salt Lake City-based sPower suffered "denial of service" attacks on March 5 that left grid operators temporarily blinded to generation sites totaling 500 megawatts, the documents show.
Hackers did not cause any blackouts or generation outages, according to sPower, which says it's the biggest private solar power operator in the United States. The cyberattack took advantage of a known weakness in Cisco firewalls to trigger a series of five-minute communications outages over a span of about 12 hours, according to an emergency report sPower filed with the Department of Energy at the time of the disruption that was not publicly released. Denial-of-service attacks flood target devices or websites with bogus traffic to crash them."