In an industrialized world, energy and utilities are required every day. When we commute, we rely on traffic lights to keep the routes safe. In the sweltering heat of summer, we depend on air conditioning. In the bitter cold of frosty winters, we need our heaters. And in the digital age, we have smart devices that can communicate.
Even so, many of us still experience the occasional brownout or power outage. While these are inconvenient, we have the peace of mind of knowing that things will return to normal in a few hours or less, and we can get back to our ordinary lives. Yet, as the energy infrastructure ages, there is another growing threat – cyber attacks. Many threat actors know that the energy industry is critical to any developed nation. As a result, a grid attack is even more attractive to nation-states and criminals who wish to wield formidable leverage over any state or country.
Invariably, advances in technology have led to the massive automation of networks and processes. Automation makes sense for scalability and efficiency as needs evolve and grow. Unfortunately, the same priority has not been placed on energy IT security services, leaving many energy facilities highly vulnerable to a targeted attack.
In addition, attacks on energy firms are on the rise. In 2017, the Russian DragonFly 2.0 group successfully breached American and European energy companies and accessed the interfaces managing energy supply to homes and businesses. Within the same year, a virus was injected into the controllers of 18,000 power plants used worldwide, which regulate temperatures, voltage, and pressure within water and nuclear treatment facilities. It also caused an explosion in Saudi Arabia.
There is also the ransomware attack on a North Carolina utility company. Further, a DDoS attack was deployed for 10 hours on a company that supplied power to customers in Wyoming, Utah, and California. These are just a few of the attacks that did the most damage; there are many others that have been attempted and are on the horizon.
While these types of attacks happen in every industry, the effects can be devastating not just to the energy company but also to its consumers. Using malware or phishing, many threat actors already have the ability to compromise industrial control systems. If their efforts are successful, they can access generators, power grids, and oil wells. The US also allocates 80 percent of its budget to external suppliers, and this increases the vulnerability to third-party attacks.
With smart grids and smart devices, the threat surface in the energy sector has rapidly expanded. Cyber criminals are watching. At the most recent World Energy Congress, the World Energy Council noted a “massive” increase in the number of successful breaches and fears the industry is not prepared to address these attacks.
The situation is so pressing that President Trump issued an executive order in 2017, requiring more robust energy cyber security for critical infrastructure. Also, the Department of Energy created a five-year strategy for implementing more resilient energy infrastructures that have the right energy cyber security protocols in place. Every successful incident brings cyber criminals another step closer to disrupting the power supply to large cities and even an entire country. Right now, there is still time to strengthen your infrastructure, before it’s too late.
Learn more about the most common attack vectors
The energy sector is dismally slow at updating business process software and infrastructure, making it even more vulnerable to an injection, ransomware, or DDoS attack. Given all the information we now have about these attacks, practicing good cyber hygiene is a must. Using threat intelligence and pattern analysis can help to ensure a devastating breach does not happen.
Host cyber awareness training
To protect your organization against tenacious threats, everyone needs to be on board and remain vigilant. All employees should participate in training to identify social engineering tactics and phishing to maintain account security. Many times, employees unknowingly open malicious links thinking they were sent from someone in the company. Further, privileged account management must be enforced, meaning employees can only access the systems and data they need to perform their specific job roles. By employing these types of tactics, you can successfully limit the attack surface and enforce preventative measures inherent to good cyber hygiene.
Identify third-party risks
All your vendors and suppliers are subject to data breaches, as well. In this regard, it’s vital to know who might pose a risk. Before partnering with a supplier, get an understanding of their controls and cyber security practices as well as what types of authentication tools they use. Once you feel safe enough to permit access to your systems, maintain a baseline for protecting sensitive data, networks, and the infrastructure. At this stage, cyber security cannot be an afterthought.
Through digitization, the potential attack surface continues to grow. At the same time, cyber attacks are becoming increasingly sophisticated. Any negative impact on the grid can put lives at stake. Now is the time to implement energy IT security services that can identify security gaps and follow an energy cyber security framework to protect your organization and your customers from both service disruptions and data breaches. Contact SSI to learn more about protecting your critical infrastructure.