Energy Companies Unready For Lethal Cyber Attacks

Uploaded on 2022-06-06 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Production-Energy

In a recent survey, over 80% of the industry professionals working in the power, renewables and oil and gas sectors who responded  believe that a cyber attack on the industry is likely to cause operational shutdowns and damage assets and critical infrastructure.

According to a report by the leading energy technology specialist DNV57% of energy professionals expect an incident to cause loss of life, while 85% foresee operational shutdown and 84% damage to critical infrastructure. Additionally, 74% expect an attack to harm the environment while 57% anticipate that it will cause loss of life.

While people working in the industry fear the worst, many companies in the power, renewables and hydrocarbon sectors are taking a “hope for the best” approach to cyber security rather than actively confronting the issue. The DNV report says two thirds of respondents reported “major changes” to strategies and systems following the spate of incidents, there was also a warning of widespread complacency.

The biggest threat could now come not directly to the IT systems of companies themselves, but to the operational technology (OT) that links and controls an increasingly interconnected energy system.

Trond Solberg, Managing Director, Cyber Security at DNV said: “As OT becomes more networked and connected to IT systems, attackers can access and control systems operating critical infrastructure such as power grids, wind farms, pipelines and refineries... Our research finds the energy industry is waking up to the OT security threat, but swifter action must be taken to combat it. Less than half (47%) of energy professionals believe their OT security is as robust as their IT security.”

DNV also contrasted the gap between a sharp focus on physical safety and a laxer approach to cyber security in some companies. DNV recommends that firms identify where critical infrastructure is vulnerable to attack. In particular, better workforce training is needed to ensure improved enforcement of cyber protective measures.

As countries look to end their reliance on fossil fuels, particularly those imported from Russia, hydrogen has been tipped to be the next biggest low-carbon solution. While hydrogen can effectively replace natural gas in many uses, the process as it exists now is not efficient and is expensive, making it difficult to scale to mass production. This has led companies to begin looking for new ways to make hydrogen power more cost-effective.

NATO has maintained for the past 15 years that a cyber attack on one of its members could constitute an assault, and equivalence with a kinetic attack has since been seen as the threshold for viewing it that way. 

DNV:      Process Engineering:     Recharge News:     Express:      Fortune:    GRAE Energy News:

You Might Also Read: 

Anonymous Launch An Attack On Rosneft:

 

« Ransomware - Get A Step Ahead
An Airline Brought To A Standstill By Ransomware »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Nimbusec

Nimbusec

Nimbusec scans your website around the clock and informs immediately if it has been hacked or manipulated

NRD Cyber Security

NRD Cyber Security

NRD Cyber Security create a secure digital environment for countries, governments, and organisations and implement cybersecurity resilience enhancement projects around the world.

Ogasec

Ogasec

Ogasec is a cybersecurity company formed by the merger between Aker and N-Stalker in 2017. Solutions include Security & Connectivity Networking, Application Security, and Managed Security Services.

Secure Soft

Secure Soft

Secure Soft are experts in Computer and Information Security with a presence in Peru, Colombia and Ecuador.

Sompo International

Sompo International

Sompo International is a global specialty provider of property and casualty insurance and reinsurance services including Cyber & Network Risk.

Elron Ventures

Elron Ventures

Elron partner with early stage ventures to build companies that transform lives and industries. Our main areas of focus are enterprise software, cybersecurity, and healthcare.

AngelList

AngelList

AngelList champion startups and the people who empower them. Search tech & startup jobs, find new tech products, and invest in startups.

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS) is a state-owned commercial enterprise providing confidential communication, trust services and services in the field of information protection.

Trail of Bits

Trail of Bits

Trail of Bits combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

Yoti

Yoti

Yoti offer a suite of business solutions that span identity verification, age estimation, e-signing and AI anti-spoofing technologies.

ByteSnipers

ByteSnipers

ByteSnipers specialize in penetration testings and secure development services. Our focus is on your security.

Oxeye

Oxeye

Oxeye fills the gap between cloud and code to show exploitable vulnerabilities, and their path from API to code. More visibility. Less noise. More time to build.

Kaesim Cybersecurity

Kaesim Cybersecurity

Kaesim are a global team of cybersecurity experts protecting businesses since 2015. We stop bad people damaging your business, your data and your reputation.

Radix Technologies

Radix Technologies

Radix offer end-to-end device management solutions, consolidating all the organization devices, processes and stakeholders into one easy-to-use management platform.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.

Sardine

Sardine

Sardine is a leader in financial crime prevention. Using unparalleled device intelligence and behavior biometrics, Sardine applies machine learning to detect and stop fraud before it happens.