utilities Archives - Cyber Secure Forum | Forum Events Ltd

Power utilities ‘prioritising cybersecurity’ as threats grow

Stuart O'Brien

Power utilities have become more prone to cyberattacks amid the COVID-19 pandemic as attackers have strived to benefit from the rush to remote systems and undermanned facilities.

Utilities need to understand the new cyber risks involved with home-based work, such as social engineering attacks and less reliable internet connections, in order to set up baseline defences accordingly and limit the consequences of cyberattacks, says industry analyst GlobalData.

The firm’s latest report, ‘Thematic Research: Cybersecurity in Power’, reveals that utilities’ investment in cybersecurity – split across technology, services, and internal skills development – will only accelerate as they attempt to address challenges brought about by cyberattacks.

Sneha Susan Elias, Senior Power Analyst at GlobalData, said: “Utilities’ existing systems are becoming increasingly connected through sensors and networks, and, due to their dispersed nature, are even more difficult to control. This potentially provides an opportunity for attackers to target the grid – similar to the attack in Ukraine in December 2015 where hackers attacked three power distribution companies in the country, temporarily disrupting the electricity supply.

“As utility infrastructures become more interconnected, smart and decentralized, a centralized approach to secure them is difficult, and will become increasingly untenable. Central monitoring and oversight is essential but not sufficient, as a central system cannot react quickly enough to threats – especially as control becomes fragmented across numerous systems such as microgrids. As a result, there will be a rising burden on edge elements and local systems to be resilient to cyberattacks, while also having the flexibility to support the resilience of the wider energy system in the case of a cyberattack on the electricity grid.”

Power grids are the main target for hackers and cyberattacks. Electricity grids depend on industrial control systems (ICS) to provide essential services. If these systems are at risk of a cyberattack, that can pave the way for serious, catastrophic events. The growth in cyberwarfare and the rapid proliferation of smart and connected grid components mean that investment in cybersecurity will remain a top priority for utility IT departments. As a grid becomes smarter, it also becomes more vulnerable to attack, which can compromise critical infrastructure systems and disclose private user information.

Elias added: “Utilities need to develop a unified method for security that incorporates both physical and digital security, as well as covers the complete organization. Utilities should adopt cybersecurity measures that can correlate threats across transmission system operator (TSO) systems, industrial control systems (ICS) and operational technology (OT) systems. This is where the role of artificial intelligence (AI) and behavioral analytics, along with ubiquitous Internet of Things (IoT) data comes into play, providing support for the emergence of such solutions.”

An ongoing area of development will be AI analysis of behavioral biometric data. Sophisticated machine learning algorithms can build up a profile of a user’s typical behavior, identify unusual patterns of activity, and highlight potential threats in real-time before they have a chance to materialize. By automatically detecting suspicious data, the whole security process becomes more efficient, preventing the need for a painstaking manual review of log data. IoT, if it moves beyond point applications to encompass analytics and a holistic view of utilities’ infrastructure, could enhance aspects of security by helping manage infrastructure more effectively and monitor unusual patterns. 

Elias added: “The integration of AI with IoT will aid power utilities and security personnel in decreasing false alerts obtained from these systems, and lead to enhanced efficiency of the security teams.”

Keeping data secure in the oil and gas industry

Stuart O'Brien

By Jerry Askar, Managing Director Middle East, Levant & Africa, Certes Networks

As automation continues to evolve, the utilities sector is finding that encryption of its network data is critical to safeguarding against cyber-attacks. And, as organisations across the globe continue to prioritise cybersecurity, the threat landscape continues to expand. Although good progress is being made, it is evident that critical network vulnerabilities are still being left unprotected.

This is particularly the case in the oil and gas sector, which is the latest to enter the cyber security spotlight: the latest threat report by security firm Dragos highlighted that the sector is a valuable target for adversaries seeking to exploit industrial control systems (ICS) environments.

The report revealed a new activity group targeting the industry, bringing the total number of tracked ICS-targeted activity groups to nine, five of which directly target oil and gas organisations. What’s more, the increased deployment of automation within the oil and gas industry to manage costs, extract the most value from current assets and maximise up-time, only causes the threats to ICS and supervisory control and data acquisition (SCADA) networks to rise.

The threat is clearly high, as are the potential consequences of a cyber-attack on this sector. An attack on an oil or gas organisation would not only have severe political and economic impacts, but it would also have a direct effect on civilian lives and infrastructure. Much of how the population lives and works is dependent upon the energy from oil and gas production, from communication, the use of electronic devices and appliances, and even heating, cooling and cooking. The smallest attack on this sector could result in devastating effects. 

Beyond consumer impact, an oil or gas company hit by a cyber-attack could experience a plant or production shutdown, utilities interruptions, equipment damage or loss of quality, undetected spills and of course safety measure violations. For example, in December 2018, Saipem, an Italian oil and gas industry contractor, fell victim to a cyber-attack that hit servers based in the Middle East, India, Aberdeen and Italy, which led to the cancellation of data and infrastructures.

Mitigating cyber-attack damage 

Understanding not just the threats faced by this sector, but also how the attacks are taking place and the behaviours and capabilities of activity groups targeting oil and gas companies, is essential. As the Dragos report warned, there is currently limited visibility – or observability – into the network ecosystem, including communications to and from operations centers, distribution substations and even home “smart grid” networks. This means that intruders can dwell for longer and the root cause of the attack can remain undetected. As is widely documented, the longer an attacker remains in a network, the more damage the breach will cause.

To protect data in ICS/SCADA environments, organisations in the oil and gas industry need an encryption solution that not only safely encrypts data enterprise-wide, but that is also scalable and easy to implement, without disrupting, replacing or moving the network infrastructure. Furthermore, some encryption technologies will provide organisations with greater visibility of their data to monitor deployed policies. By defining and deploying policies and keys based only on which users should have access to what data, organisations can ensure that only those who need to send or receive the data have the access to do so. In addition, many network observability features can provide crucial flow data so that IT operators can observe policy enforcement and quickly shut down a policy if compromised to stop further damage and potential escalation.

Conclusion

Lessons need to be learned from past attacks on the oil and gas industry, such as the Saipem attack, which had global consequences. With the sector facing such a high cyber risk, it’s more crucial than ever for oil and gas organisations to adopt a cyber security culture and move from reactive to proactive.

This means employing an encryption management solution, along with the right forensic intelligence tools, to understand and safeguard against future cyber-attacks and their potential for devastating consequences.
