Intelligent CISO Issue 30 | Page 44

industry unlocked
Raj Samani, Chief Scientist and Fellow at McAfee, shares his wealth of knowledge and best practice advice on how organisations can ensure they are protecting their operations and managing risk in the energy supply chain, and how to best detect and avoid breaches.

HOW SECURITY IMPACTS DEVELOPMENTS IN THE ENERGY SECTOR

Given its major role in the nation’s infrastructure, what unique challenges does the energy sector face?

The energy sector has always faced unique challenges – these range from the continuous demand for resources, to the niche skills needed to apply security to the systems used in the industry. In addition to this, the nature of the systems in place across the industry often requires a set of skills that aren’t always readily available within a traditional cybersecurity skills market.
Are there any real-life examples of what a potential threat looks like in the sector?
Over the past decade, we’ve seen some potentially risky scenarios become reality. Take the Natanz nuclear site in Iran, for example – in 2010, it uncovered a Stuxnet worm infection which was a significant cybersecurity threat. Another example of threats targeting Operational Technologies (OT) was the 2015 attack against the Ukrainian Power Grid, as the political situation in Ukraine escalated.
More recently, the industry has also experienced ransomware threats towards critical national infrastructure (CNI). A key example being the RagnarLocker attack on the energy sector earlier this year – £11.7 million ransom was demanded in exchange for 10Tb of sensitive information. Even though these attacks target the IT network, we’ve also seen cases of ransomware attacks focusing on production facilities.
During the current COVID-19 crisis, have any of these scenarios changed?
The typically remote nature of cyberattacks means they don’t strictly require physical interaction. There are some instances where cybercriminals will turn to platforms such as a USB entry point vector – but on the whole, the industry remains remote. As a result, the cybercrime industry has continued operating throughout the COVID crisis.
If anything, cybercriminals have instead profited from exploiting the pandemic with their attacks. Our researchers notably detected an average of 375 new threats per minute during COVID lockdowns, with vertical sectors seeing major increases in cloud threats and attack risks. For example, the manufacturing sector alone saw a 679% increase in internal and external threat events in their cloud accounts. There are, however, certain cases where a physical vector is still used and security teams must remain vigilant on this. For example, the Tesla ransomware attack was uncovered using a USB as an initial vector.
How can security teams manage risks in the energy supply chain?
When looking to manage and mitigate risks in the energy supply chain, teams