industry unlocked
WHY THE ENERGY SECTOR MUST TAKE A PROACTIVE APPROACH TO CYBERDEFENCE
The energy sector has undergone immense digitalisation in recent years as organisations have adopted digital tools to help achieve their transition towards net zero . But this has also introduced new risks and threats which need to be addressed to stay ahead of sophisticated attackers . Phil Tonkin , Senior Director of Strategy at Dragos , talks us through the typical threats facing organisations in this sector and highlights why a proactive approach to defence should be encouraged .
hHow has the digitalisation of the energy sector impacted cyber-risk ?
The energy sector has digitised significantly over the last few years as a fundamental part of the transition towards a net zero energy market . So much inter-connectivity and data is required to facilitate that transition , resulting in a much greater level of exposure for organisations .
The challenge is that every time a new connection is introduced – and considering the speed at which that is done , while also maintaining connectivity at a lower price point – it ’ s possible to introduce new risks into those spaces .
It ’ s a rapidly evolving environment which requires a great deal of consideration to balance the needs of moving towards net zero and managing the risks that come from connectivity through cyberthreats .
What are the typical threats facing organisations in the energy sector ?
There are traditional threats that come from state adversaries who are looking to disrupt the supply and continuity of energy within other nations but we ’ re also seeing a real trend towards criminal groups trying to exploit that criticality as well .
We ’ ve seen groups use sophisticated techniques and targeted activity to try to gain access into environments and hold them to ransom , because these organisations understand that in the energy sector , continued operations are critical . Victims may feel obligated to stop all systems as fast as possible and even pay a ransom .
Ransomware has been intensifying but there are new and additional threat events in an environment that is becoming increasingly digitised . These range from attempts to steal customers ’ data from those organisations , all the way through to adversaries who may try to switch off the power supply .
What are the aims of threat actors targeting organisations in this sector ?
The aims of different actors are variable . It is a complex and expensive thing to plan and initiate a targeted attack against an energy organisation . Often the aim is to somehow extort some sort of financial benefit from organisations .
It could be the payment of a ransom or that they ’ ve been paid by a different group to gain access into those environments . In a few cases , they ’ re looking for the kudos of having accessed those spaces . Some may just be trying to cause disruption out of protest . There are other reasons why somebody may want to get into these environments but in the majority of cases , it is criminal groups trying to get access into the environment to gain some sort of financial benefit .
Ransomware has been intensifying but there are new and additional threat events in an environment that is becoming increasingly digitised .
52 www . intelligentciso . com