industry unlocked
The implications of a cyberattack on our energy
networks are vast, with financial losses and major
disruption both highly likely outcomes. It means it’s
absolutely crucial that these critical networks are
robustly protected. Experts from Skybox Security
and Sophos give two regional insights into some of
the key cyberthreats to the energy sector and offer
advice on how these can be mitigated.
Understanding the risks
Marina Kidron, Director of Threat Intelligence,
Skybox Security, outlines six cyber-risks to the
energy sector and offers insight as to how these
can be countered by defence strategies.
A paper published earlier this year by the UK
Infrastructure Transitions Research Consortium
(ITRC) calculated that cyberattacks on
electricity networks could cost the UK £111m
over 24 hours. Add the financial losses to the
disruption to everyday life and it’s clear that a
lot is at stake. The burden of responsibility to
keep the country’s energy supply uninterrupted
is a heavy one – energy firms need to
understand the main cybersecurity risks that
they’re facing and have firm strategies in place
to help prevent a costly attack.
Risk one: Challenging OT governance
As companies embrace digitalisation, it is
increasingly difficult to keep a handle on hybrid
IT–OT network visibility. What’s more, it’s really
hard for OT engineers to apply patches. Every
upgrade requires them to restart devices –
asking them to install a patch also means asking
them to shut down some machinery. With energy
supplies already stretched, any disruption causes
a real challenge. The first thing that energy firms
can do to help secure their critical infrastructure
is to understand vulnerability exposure within
their networks – once they have this knowledge,
they can develop targeted remediation strategies.
Identify which vulnerabilities are the most
exposed and determine how to patch them first.
Risk two: Problems with patching
Patching is nigh-on impossible with OT.
Compounded by outdated technology,
legacy OT devices often cannot be
scanned and are traditionally run on
unpatchable software. There are ways
to overcome this problem. In some
instances, security teams should be able
to apply an IPS signature instead of a
patch – this will block the exploit pack that
can take advantage of the vulnerability.
This tactic is extremely valuable for
energy companies when it comes to
securing their OT devices and networks.
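The prioritisation described under risks one and two, as an added example that is not part of the original article: findings are ranked by how exposed the asset is, and unpatchable devices get an IPS signature where one exists. The zone names, flows, assets, vulnerability IDs and the ranking policy (fewest hops from the internet first, then severity) are all assumptions made for illustration.

```python
from collections import deque

# Constructed sample data: zone names, flows, assets and vulnerability IDs are
# all hypothetical placeholders, not taken from the article.
ALLOWED_FLOWS = {            # zone -> zones it may initiate connections to
    "internet": ["corp_it"],
    "corp_it": ["ot_dmz"],
    "ot_dmz": ["control"],
    "control": [],
    "safety": [],            # isolated: no zone is allowed to reach it
}
FINDINGS = [  # (asset, zone, vuln_id, severity 0-10, patchable, ips_signature)
    ("hmi-01", "control", "VULN-A", 9.8, False, True),
    ("historian", "ot_dmz", "VULN-B", 7.5, True, True),
    ("sis-plc", "safety", "VULN-C", 9.8, False, False),
    ("rtu-07", "control", "VULN-D", 8.1, False, False),
]

def hops_from(source, flows):
    """Breadth-first search: fewest zone hops from source to each reachable zone."""
    dist, queue = {source: 0}, deque([source])
    while queue:
        zone = queue.popleft()
        for nxt in flows.get(zone, []):
            if nxt not in dist:
                dist[nxt] = dist[zone] + 1
                queue.append(nxt)
    return dist

def prioritise(findings, flows, source="internet"):
    """Rank reachable findings first (fewest hops), then by severity; pick an action."""
    dist = hops_from(source, flows)
    plan = []
    for asset, zone, vuln, sev, patchable, ips in findings:
        hops = dist.get(zone)                 # None means not reachable from source
        if patchable:
            action = "patch in next maintenance window"
        elif ips:
            action = "apply IPS signature as compensating control"
        else:
            action = "review segmentation / isolate"
        plan.append((hops, sev, asset, vuln, action))
    plan.sort(key=lambda p: (p[0] is None, p[0] if p[0] is not None else 0, -p[1]))
    return plan

if __name__ == "__main__":
    for hops, sev, asset, vuln, action in prioritise(FINDINGS, ALLOWED_FLOWS):
        exposure = f"{hops} hops" if hops is not None else "unreachable"
        print(f"{asset:10} {vuln:7} sev={sev:<4} {exposure:12} -> {action}")
```

With this sample data the isolated safety controller ranks last despite its high severity, while the unpatchable HMI is covered by a signature rather than a shutdown.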
Risk three: Nation-state actors
OT is an attractive target for nation-state
threat actors. The motivation to target the
energy sector is far greater than in other
industries. Attacks can be deployed at
a nation-state level to cripple a critical
Issue 18 | www.intelligentciso.com