This year’s ransomware attack on the Colonial Pipeline network shut down 45 percent of the fuel supplied to the US East Coast for six days, demonstrating the disruption that malicious actors can inflict on entire nations. With digital transformation, the development of supply chains, and the shift to renewable sources all expanding attack surfaces, over half of cyber professionals in the energy sector have reported suffering at least one breach causing data loss or an operational outage in the past 12 months.
An expanding digital footprint
Energy businesses have long been looking to boost productivity and increase profits by investing in digital transformation – collecting and analyzing data, connecting IoT devices, and implementing AI and automation solutions. When energy companies digitalize, it can facilitate up to a 10 percent improvement in production and a 30 percent improvement in cost.
A decentralized, digitalized energy system is also an inevitable outcome of the clean energy transition. The shift to renewables is now a huge consideration for the energy sector as the US re-joins the Paris Climate Accord and works towards achieving net-zero carbon emissions by 2050. Today, renewable energy sources account for around one-fifth of total consumption and are likely to outstrip demand for oil by 2040.
Adapting to wind, solar, and electric energy sources requires using more decentralized infrastructure. Wind and solar farms are often controlled and managed remotely from afar, while huge, interconnected electricity grids rely on automated controls to run efficiently. Though this provides energy organizations with the ability to optimize production in real-time based on supply and demand, these interconnected-but-dispersed networks dramatically increase the attack surface for malicious actors to exploit. Phishing emails containing malware or ransomware can be targeted at unsuspecting staff, DDoS attacks can see a perpetrator hack and take control of systems, and, particularly in remote managed renewables infrastructure, control can be exerted through public IP addresses, which leaves software open to attack. Energy companies can also be collateral damage from global attacks such as NotPetya and WannaCry in 2017.
Supply chain risk
The energy sector has a vast and complex supply chain ecosystem, and if one part of the chain is interrupted it can have consequences for all suppliers and customers involved. The Duke Energy attack in 2018 targeted seven US pipeline operators, impacting multiple third-party electronic communication systems in the process. Energy companies also often acquire information, hardware, software, and a multitude of services from third-party vendors worldwide, making it difficult to establish a consistent and centralized cybersecurity framework. And any cyber breach is a direct attack on business continuity, with 76 percent of energy executives citing that business interruption, including loss of revenue, legal implications, and reputational damage, would be the most impactful consequence of a cyber breach for their organization.
Reducing cyber risk in the energy sector
With the US government earmarking around $3.5 billion for improving the cybersecurity of the electric grid in 2021, it’s clear that cybersecurity within the industry is a major Federal concern. For digitalized, decentralized infrastructure like the energy sector, cybersecurity solutions must be proactive, offering trusted threat visibility and cyber resilience.
Our centralized cyber threat intelligence solution, CleanINTERNET, simplifies cybersecurity within energy organizations of all sizes. CleanINTERNET aggregates over 3,500 cyber threat intelligence feeds, shielding ‘all risk’ threats automatically and providing constant threat hunting on behalf of your business. As an extension of your security team, our cyber threat analysts improve visibility over potential breaches, allowing the energy sector to focus on critical business efforts, compliance, and the transition to renewable sources, without the added burden of threat hunting and cyber security.