CYBER SECURITY Energy sector: More cyber attacks in 2022 than ever before
Cyber attacks on the energy industry have been rapidly rising since 2017, and 2022 set an all-time high for the number of attacks that took place in a single year. Facing this growing threat, energy industry leaders must take positive action to safeguard against the evolving attack landscape.
The energy sector has seen numerous cyber attacks in recent years. In 2021, the Colonial Pipeline attack, carried out by so-called DarkSide threat actors, launched a ransomware supply chain attack that became one of the largest in the history of the United States. To regain control of their systems, the Colonial Pipeline Company paid the hackers 75 bitcoin.
As technology continues to advance, the sector is becoming increasingly reliant on digital systems to manage its operations. While this has brought about numerous benefits, it has also made the sector more vulnerable to cyber threats, and more attacks like the Colonial Pipeline incident might be waiting just around the corner.
In 2022, the cyber landscape for energy and utility companies is growing evermore complex, and it’s not just to do with escalating geopolitical issues. Throughout the year, it faced a range of cyber threats that highlighted the inherent vulnerabilities of critical infrastructure that was never designed with digital transformation in mind.
Why the energy sector?
The sector is an attractive target for attackers for a number of reasons. Fundamentally, energy systems are the backbone of a country’s economic activity. This is perhaps best illustrated by the fact that a six-hour blackout in France could result in damages of over EUR 1.5bn. The energy sector is heavily reliant in distributed, complex infrastructure. This means that there’s a larger attack surface for nefarious threat actors to target. And as mentioned earlier, it’s considered to be a late adopter of the digital transformation, meaning that there’s an inherent lack of cybersecurity expertise and maturity in the sector on a global scale.
All this together makes the energy sector particularly vulnerable to attacks — and this vulnerability continues to grow with each passing day with the deployment of digitized solutions and even more decentralization.
The threats facing the energy sector
Last year was tumultuous, to say the least. Largely marked by the ongoing war in Ukraine, renewed coronavirus disruptions across China and parts of Asia, and major geopolitical tension between the United States and China, cyber attacks on the energy sector during the year surged. According to an update of S&P Global Energy Security Sentinel, cyber attacks on energy and commodities infrastructure rose sharply in the third quarter and set a record high of major incidents recorded in a single year.
Of the 45 cybersecurity incidents that have targeted the energy industry since 2017, 13 of them had taken place by July 2022, the highest annual level over the last six years:
- Five cyber attacks were recorded during quarter three, which were focused on the power, gas, and nuclear sectors.
Oil assets and infrastructure were the biggest targets for threat actors, accounting for a third of all incidents since 2017.
- Electricity networks were the next most vulnerable, accounting for more than a quarter of all incidents, according to published data.
- Gas and shipping were the two other sectors that experienced a moderate amount of cyberattacks
Meanwhile, commodities, energy, and resources assets in the United States have been targeted more than any other nation, accounting for almost a quarter of all cyberattacks since 2017, according to the updated S&P report. 11 of these attacks were also focused on companies based in Europe. One of the year’s biggest security incidents was when attackers targeted loading facilities in Germany and spread to terminals in the Amsterdam-Rotterdam-Antwerp network. 17 terminals in total were affected, 11 of which were based in Germany.
Securing energy systems
The scale of the current decarbonization and net zero challenges means that there can be no delay in the digital transformation and decentralization of energy systems. As the energy sector continues to evolve and cyber attacks become more frequent, leaders must look to secure their ecosystems and boost cyber resilience to prevent disastrous, far-reaching outcomes. Cyber security and resilience must be given significant consideration in the planning stages of any new energy project. It must also become a core aspect of operational culture for companies within the sector. This will undoubtedly require energy operators to recruit experts from across areas such as cyber and information security into key leadership positions. Energy firms must also continually assess the risk landscape and take steps to remain ahead of threat actors with relevant defenses, including response and recovery systems for worst-case scenarios.
Indeed, governments are already taking an active role in mandating the security of energy systems through legislative and compliance efforts, diversifying energy technologies, and working with businesses to optimize industry resilience. The U.S. government, for example, issued an executive order in May 2021 that aims to address supply chain vulnerabilities.
Keeping energy systems safe from cyber attacks will be critical in the future as threats continue to develop — not only for the energy sector itself but also for the sake of national security and economic stability. To help drive improvements in the sector’s cyber resilience, energy companies must work with policymakers across the supply chain to stay ahead of threat actors.
PCIM Europe 2023: Experience a world of power electronics
You would like to experience trends of the power electronics industry at first hand? Discover up to 500 exhibitors and their products, gain knowledge in over 400 top-class presentations at the conference and benefit from countless networking opportunities with the community at the largest PCIM Europe ever from 9 – 11 May 2023 in Nuremberg, Germany.Get your ticket now