Energy systems are tantalizing targets for cyber criminals – according to Hornet Security, energy is the top target for cyberattacks.
A series of recent incidents has drawn attention to the unique vulnerability of the sector to hackers, and its new status as a mark in cyberwarfare operations. In May 2020, the Colonial Pipeline suffered a ransomware attack that forced all operations to halt while the ransom was paid, triggering fuel shortages and panic buying. All this – the single largest cyberattack on US infrastructure – was the result of a single leaked password. In the months afterwards, there was a slew of disruptive cyberattacks targeting oil and gas facilities across Germany, Belgium and the Netherlands.
What makes the energy sector so vulnerable?
The sector is an attractive target for hackers for a number of reasons. Energy systems are the backbone of economic activity, meaning that cascades of disruption can emanate from a single energy infrastructure failure. For instance, simulations suggest a six-hour winter blackout in France could result in damages of over €1.5bn. The sector relies on inherently complex and distributed infrastructure, meaning there is a large ‘surface area’ for attack. It is also considered a late digital adopter, with a relative lack of cybersecurity expertise.
All this makes it particularly vulnerable to cyberattacks – including attacks by well-resourced state-backed hackers seeking to achieve geopolitical goals.
This vulnerability is growing day by day as the energy sector becomes increasingly digitalized and decentralized, with the deployment of wind, solar, smart meters, EVs and other distributed infrastructure expanding the already-large surface area for attack. For instance, a 2020 paper warned that the expansion of EV charging – combined with public information – could render the grid vulnerable to targeted cyberattacks.
Securing energy systems
The scale and urgency of the decarbonization challenge means there can be no backsliding on the digitalization and decentralization of energy systems. As the sector evolves – and cyberattacks become more frequent and sophisticated – its leaders must boost cyber resilience to prevent potentially disastrous outcomes.
Cyber resilience must be considered from the initiation of new energy projects, with cybersecurity becoming a core aspect of operational and corporate culture in energy companies. This may involve recruiting cybersecurity experts to leadership positions and incorporating cybersecurity as a design parameter. Organizations must continually assess potential risks and invest in relevant cyber defenses, including response and recovery systems for worst-case scenarios.
The interconnectedness of energy systems today means that organizations must collaborate with partners across the sector. This requires organizations to work together to assess complex risk, and share threat intelligence and best practices.
Governments are taking an increasingly active role in ensuring the security of energy systems – for instance, the US government issued an executive order in May 2021 aimed at addressing cyber vulnerabilities in supply chains. Governments can also encourage high cybersecurity standards for the industry through:
- regulation and conditional energy subsidies;
- diversifying energy technologies;
- working with businesses to optimize cyber resilience in the industry.
Keeping energy systems safe from cyber threats is critical – not only for the sector, but for the sake of economic stability and national security. This calls for energy companies to cooperate with policymakers and partners across the supply chain to stay a step ahead of bad actors.