“Who turned out the lights?” is a game children have played, most likely for as long as humans have had light. A kid pulls his friend’s hat down over his eyes. Someone turns out the bathroom light on you when you are in the shower. There’s something about maliciously putting another in the dark that feels funny, but possibly even powerful, to a number of people.
Occasionally, that kid has more than a sense of humor and becomes someone who wants to turn out the lights on an entire city.
Power companies know this. That’s why they’ve had razor and barbed wire around facilities for decades: to prevent physical threat and destruction of property.
But a new kind of threat, the cyber threat, requires cyber surveillance.
It’s the most pressing issue in the energy sector for 2017.
Cyber Security Breach in Energy
Power outages do more than cause alarm bells, they are incredibly costly. The famous 2003 New York City blackout cost the city an estimated $36 million per hour. As any energy sector official can tell you, blackouts have a human and safety cost in ways that would surprise most regular citizens—hospitals, banks, and penitentiaries, just to name a few places where such outages can be a particular problem.
The cost of a breach is no less in oil and gas industries, where the safety of personnel and care for volatile products are the realities of day-to-day life. Oil and gas companies guard against physical threats with appropriate surveillance and deterrents as well.
Cyber threats are different, as a Ukrainian power company experienced in 2015: remote actors gained control of their computers and employees watched helplessly as their cursors moved, shut down grids, and even shut down the power in their own facility.
It was the realization of a nightmare in the energy sector, and we can expect to see more attempts like it in coming months and years.
Recovering from such a breach is also not a standard protocol within the energy sector, the investigation of an outage and restoration of service being a different animal than a remote malicious attack.
Cyber Threat Intelligence
Threat actors continue to grow in sophistication and create more complicated attacks. The collaborative nature of the internet has expanded cyber crime as well, including:
- Unprecedented access to malicious tools created by other hackers and threat actors.
- The ability for criminals to swap successes and failures, and build off of one another’s experiences.
- Layers of undetectability, where threat actors use resources to cross international borders, making both tracing and prosecuting more difficult.
Given the collaborative possibilities of cyber crime, threat actors have grown exponentially in both sophistication and numbers.
Your best defense is to have a robust combative team, similarly capable of gathering and collaborating with effective industry-specific insight.
While most safety and security protocols within the industry have regulation and standard operating procedures shared between companies, cyber defenses do not. Currently, in the United States, plans are underway to make a plan for improved cyber security, and the energy sector is part of the conversation being had, but nothing has been set as yet. Even should the US implement internal strategies, threat actors cross borders. The investigation and prosecution of cyber crime requires international cooperation, and little has been done in terms of regulating how such cooperation could or should go.
Industry-specific threat intelligence for the energy sector does not wait for regulation to gain actionable insight and mitigate threats.
Do you want to get ahead of the pack and see what possible solutions and insights exist for the cyber security of your company? Contact us.