Blog A3Sec

The challenges of cybersecurity in the energy sector

Written by Israel Gutiérrez, Global CTO | 12 December, 2022

The World Energy Council recommends that energy companies consider cyber risks as fundamental business risks.

Many aspects of the global energy industry are transforming, the ecosystem is increasingly distributed and interconnected, and today both old and new energy technologies have digital capabilities that will allow greater integration.

Each new digital connection represents a range of opportunities, but we must also be realistic that they can become a window for cyberattacks, making utilities, energy companies and operators of critical infrastructure more vulnerable to these types of threats. Cybersecurity for the energy industry must implement innovative solutions to provide thenecessary monitoring and visibility to protect the overall network.

Israel Gutiérrez, Chief Technology Officer (CTO) of A3Sec, a company specialized in shielding digital assets, mentions that the lucrativeness of this industry, as well as its wide financial scope, make it a main objective for cybercriminals.

“This industry has automated processes, networks and organizations, which is why they become highly vulnerable to cyber attacks. There are different types of threats that carry out targeted attacks against the sector, each with their own ulterior motives.” indicates the CTO of A3Sec.

In 2017, the Russian corporation APT DragonFly 2.0 hacked and infiltrated US and European power companies, allowing threat actors to gain enough control of the power grid to cause power outages.

The group gained access through a phishing attack that harvested the credentials of the machines. Attack method that is added to ransomware or distributed denial of service (DDoS) attacks.

In 2021 alone, more than 451,000 attacks on companies were detected, with a significant increase of 28%, compared to previous years, to companies in the energy sector, positioning it in second place as one of the industries with the most cyber attacks wich resulted in important losses, an example is the 4.4 million dollars that an oil and gas transportation company had to pay to recover its information.1

As already mentioned, critical infrastructure systems, of which the energy industry is a part, is the second industry with the largest cyber attacks. Critical infrastructure systems (physical and virtual) are those that provide essential functions and services to support social, economic, and environmental systems; for example, electricity infrastructures.

A clear example of a cyber attack on this industry is the one carried out against Pemex when in November 2019 the state-owned company suffered an attack on its critical infrastructure with ransomware, affecting 5% of the equipment of the state-owned productive company.

“This is a constant fight, cybersecurity systems are incorporating Artificial Intelligence to prevent, detect and correct any alteration in the digital processes of the energy industry, from the beginning we cannot know if a threat seeks financial gain or is simply done due to mere disruption” says Israel Gutiérrez.

The World Energy Council recommends that energy companies consider cyber risks as fundamental business risks. Businesses must cooperate to assess, understand, and build strong resilience to these risks, which threaten service continuity, reputation, data, and systems.

Finally, Israel Gutiérrez comments: “international organizations such as the World Economic Forum (WEF) point out that the energy sector cannot wait for governments to regulate cybersecurity, and must also prepare for frequent and sophisticated cyberattacks such as part of the new normal”2.

Faced with these scenarios, companies in the sector must look for allies who are well-versed in the problem, especially those who have specialists in the field; strong cybersecurity requires a collaborative approach, reliable energy supply chains depend on getting cybersecurity right now and in the future.

Sources:

1 Source 1

2 Source 2