Following the widespread blackout that struck Spain and Portugal, Greece’s government has heightened its alert level for the country’s electricity system. Acting on orders from Prime Minister Kyriakos Mitsotakis, an emergency meeting was convened yesterday, led by Environment and Energy Minister Stavros Papastavrou, to assess potential impacts on the European energy market and to reexamine Greece’s energy resilience measures.
The meeting included the head of the Energy Division at the Regulatory Authority for Waste, Energy, and Water (RAAEY), Mr. Dimitrios Fourlaris, the head of Greece’s Cybersecurity Authority, Mr. Michalis Bletsas, and senior executives from Greece’s transmission system operator (ADMIE) and distribution network operator (DEDDIE).
Greece’s Main Defense: Cutting Renewable Energy Input
ADMIE, responsible for the security of Greece’s electricity system, is prepared to implement cuts in “green” energy production if necessary. It is already on standby to completely restrict electricity injection from renewable energy plants connected to DEDDIE’s distribution network that are not centrally controlled — approximately 3.5 gigawatts of solar parks.
Last Saturday, ADMIE issued a warning about the need for increased vigilance during yesterday’s operations and updated that warning for today, April 29, based on new forecasts.
Slashing 40 GWh of Green Energy
To maintain system stability, ADMIE’s daily unified planning forecast indicated that yesterday alone, cuts of approximately 30 GWh from renewable energy sources were necessary. Today, energy cuts are expected to reach 40 GWh, with the critical hours anticipated between 12:00 and 16:00.
Since early spring, Greece’s transmission operator has been proactively instructing green energy cuts whenever risks to system stability arise. Thanks to these preventive measures, major disruptions were avoided during high-risk periods such as March 25 (Greek Independence Day) and Easter holidays.
The next major test for the energy system is expected on Thursday, May 1st (Labor Day).
Cutbacks are seen as essential for grid security, especially during spring and autumn. These seasons often see an oversupply from renewables due to high solar generation combined with relatively low electricity demand. Additionally, system security technicalities require the activation of thermal power plants (mainly natural gas units), which absorb part of the demand, further complicating the balance. Public holidays, which reduce overall consumption even more, pose an increased risk.
Investigating the Iberian Blackout and the Cybersecurity Threat
The root cause of the blackout that affected Spain and Portugal — which have interconnected power grids — remains unclear. However, preliminary information shows that, just before the major disruption, Spain’s electricity system was running on 82% renewable energy, with over 60% coming from photovoltaics and the rest from wind and solar thermal sources.
Portugal’s grid operator REN announced that the blackout was caused by a failure in the Spanish electricity network linked to a rare atmospheric phenomenon: extreme temperature fluctuations in central Spain caused abnormal oscillations in ultra-high voltage (400 kV) transmission lines.
Regarding the possibility of a cyberattack, both European Council President Antonio Costa and Portuguese Prime Minister Luís Montenegro stated yesterday that “at this stage” there is no evidence of such an incident. Nevertheless, cybersecurity was a key topic during Greece’s emergency energy meeting.
According to a government official speaking to OT, ADMIE and DEDDIE’s systems are considered well-shielded against cyberattacks. However, the official noted that “the devil is in the details” — including who might attempt an attack, which system components might be targeted, and how quickly an intrusion could be detected.
Rising Cyberattack Threats to European Energy Systems
The risk of cyberattacks on critical infrastructure has undeniably increased. Recently, WindEurope — representing the European wind energy supply chain — emphasized the urgent need to protect energy generation infrastructure, citing:
Six suspected sabotage incidents targeting electric and telecommunication cables since 2022.
Eleven instances of damage to undersea cables since 2023.
Furthermore, last Friday, the EU’s Agency for the Cooperation of Energy Regulators (ACER) issued new guidelines to strengthen data protection related to cross-border electricity flows, enhancing cybersecurity compliance under the EU’s network codes.
These measures build on the NIS2 Directive — the EU’s first binding cybersecurity rules for critical infrastructure and networks — adopted in October 2024. The first EU cybersecurity directive (NIS) came into effect in 2016.
Source: OT
