Energy industry vulnerable to increased cyber attacks

April 16, 2019 //By Nick Flaherty
Energy industry vulnerable to increased cyber attacks
Cyber threats to energy systems are advanced and persistent, but companies are using outdated systems and technology to save money, says a new report from FInnish security firm F-secure. Poor security, prioritisation, and awareness are also gifts to attackers.

Critical infrastructure (CNI) sites and energy distribution facilities are under increasing attack, and interconnected systems in the energy industry increase vulnerabilities, with cyber attacks often go undetected for some time, says the report. However there are signficant challenges specifically for the industry.

Nine different attackers/malwares/techniques targeting the energy industry stand out, with spear phishing being the most common initial supply chain attack technique. Keeping a small attack surface in the energy industry is often pitched as the best way to mitigate the risk of a cyber attack but this is simply not possible. As energy companies save costs against the backdrop of lower oil prices, consolidating operations can weaken business resilience and redundancy levels. This gives rise to new, single critical points of failure, with any disruption across the supply chain potentially having increased consequences.

“Espionage and sabotage attacks against CNI organizations have increased over the years and I don’t think we have seen it all yet,” says Sami Ruohonen, Labs Threat Researcher at F-Secure.

Connecting Industrial Control Systems (ICS) to the Internet is increasing, and a considerable number of CNI systems in use today were installed and built before 24/7/365 internet connections were the norm and the advent of Stuxnet. Many Operational Technology (OT) components have built-in remote operation capabilities, but are either partly or entirely lacking in security protocols such as authentication.

Cyber security was not a realistic threat when these systems were manufactured, and legacy protocols and systems never had the built-in security controls that we take for granted today. Transitioning these systems to the Internet has opened them up to attacks from a myriad of angles.

“Critical Infrastructure due to its nature is an interesting target for a foreign nation-state, even during peacetime,” said Ruohonen.

Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.