Energy Companies Unready For Lethal Cyber Attacks

In a recent survey, over 80% of the industry professionals working in the power, renewables and oil and gas sectors who responded  believe that a cyber attack on the industry is likely to cause operational shutdowns and damage assets and critical infrastructure.

According to a report by the leading energy technology specialist DNV57% of energy professionals expect an incident to cause loss of life, while 85% foresee operational shutdown and 84% damage to critical infrastructure. Additionally, 74% expect an attack to harm the environment while 57% anticipate that it will cause loss of life.

While people working in the industry fear the worst, many companies in the power, renewables and hydrocarbon sectors are taking a “hope for the best” approach to cyber security rather than actively confronting the issue. The DNV report says two thirds of respondents reported “major changes” to strategies and systems following the spate of incidents, there was also a warning of widespread complacency.

The biggest threat could now come not directly to the IT systems of companies themselves, but to the operational technology (OT) that links and controls an increasingly interconnected energy system.

Trond Solberg, Managing Director, Cyber Security at DNV said: “As OT becomes more networked and connected to IT systems, attackers can access and control systems operating critical infrastructure such as power grids, wind farms, pipelines and refineries... Our research finds the energy industry is waking up to the OT security threat, but swifter action must be taken to combat it. Less than half (47%) of energy professionals believe their OT security is as robust as their IT security.”

DNV also contrasted the gap between a sharp focus on physical safety and a laxer approach to cyber security in some companies. DNV recommends that firms identify where critical infrastructure is vulnerable to attack. In particular, better workforce training is needed to ensure improved enforcement of cyber protective measures.

As countries look to end their reliance on fossil fuels, particularly those imported from Russia, hydrogen has been tipped to be the next biggest low-carbon solution. While hydrogen can effectively replace natural gas in many uses, the process as it exists now is not efficient and is expensive, making it difficult to scale to mass production. This has led companies to begin looking for new ways to make hydrogen power more cost-effective.

NATO has maintained for the past 15 years that a cyber attack on one of its members could constitute an assault, and equivalence with a kinetic attack has since been seen as the threshold for viewing it that way. 

DNV:      Process Engineering:     Recharge News:     Express:      Fortune:    GRAE Energy News:

You Might Also Read: 

Anonymous Launch An Attack On Rosneft:

 

« Ransomware - Get A Step Ahead
An Airline Brought To A Standstill By Ransomware »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Zayo

Zayo

Zayo is a leading global bandwidth infrastructure services provider for high-performance connectivity, secure colocation and flexible cloud services.

CyberPolicy

CyberPolicy

CyberPolicy is a cyber protection solution for small businesses. It combines three important components against cyber threats - Cyber Plan, Cybersecurity and Cyber Insurance.

Prim'X Technologies

Prim'X Technologies

Prim'X Technologies provides information protection solutions to prevent unauthorised access to sensitive data.

SafeCharge

SafeCharge

SafeCharge is a global provider of technology-based multi-channel payments services and risk management solutions for demanding businesses.

Signal Sciences

Signal Sciences

Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform.

Xcina Consulting (XCL)

Xcina Consulting (XCL)

Xcina Consulting provides high quality business and technology risk assurance and advisory services.

Penacity

Penacity

Penacity, LLC provides strategic consulting technology services and Information Security Services to commercial and government organizations.

Symantec

Symantec

Symantec delivers data-centric hybrid security for the largest, most complex organizations in the world – on devices, in private data centers, and in the cloud.

Passbase

Passbase

Passbase is building a full-stack identity verification engine backed by verified government documents.

Digital Identification & Authentication Council of Canada (DIACC)

Digital Identification & Authentication Council of Canada (DIACC)

DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian framework for digital identification and authentication.

Deeper Network

Deeper Network

Deeper Network represents the world's first decentralized blockchain network for building a truly private, secure and fair Internet.

AVEVA

AVEVA

AVEVA has a long history in providing Supervisory Control and Data Acquisition software for meeting complex and evolving automation requirements.

ABM Technology Group

ABM Technology Group

ABM Technology Group (formerly True IT) provide business information technology services, solutions, and consulting for small to mid-sized organizations.

CyTwist

CyTwist

CyTwist is an early warning attack detection platform that complement your existing security suite and provides your security teams with unique detection capabilities of stealth targeted attacks.

Ark Infotech

Ark Infotech

Ark Infotech is a provider of cloud management services, selective support services, and technology solutions.

ThreatMate

ThreatMate

ThreatMate empowers businesses with comprehensive tools to detect, protect, and remediate against cyber threats.