It has been reported that Energy industry firms are vulnerable to increased cyber espionage and sabotage attacks due to outdated systems and technology, and poor security posture, prioritisation and awareness, with phishing the most popular method of infiltration, a report warns. Malicious actors are targeting critical infrastructure (CNI) sites and energy distribution facilities exponentially, and interconnected systems in the energy industry increase vulnerabilities, and cyber attacks often go undetected for some time, according to the report by security firm F-Secure.
Cyber threat actors are advanced and persistent, but firms in the energy industry are using outdated systems and technology to save money,
putting them at risk of cyber attacks, warns F-Secure report https://t.co/ziJ5P4IpZm— Ian (@ianwhi77) April 17, 2019
Andrea Carcano, Co-Founder and Chief Product Officer at Nozomi Networks:
“The report is not particularly surprising as the ICS environment is often the Achilles heel for many energy firms in terms of cyber security. This is because the vast ICS infrastructures are not only challenging to maintain, but have operating life spans of 10-15 years and longer due to the costs involved in replacement.
Correspondingly, for many energy firms, the investment in People, Processes and Technology to effectively protect ICS infrastructure has been severely lagging when compared to the IT environment. The reports’ claim that phishing attacks are the most popular method tells us that there continues to be security failings at the IT/OT perimeter, and indicates critical gaps in the network monitoring and situation awareness within the converged IT/OT environment.
The introduction of NIS in May 2018 should hopefully help such organisations with the business cases for change. Additionally, incidents, such as the recent LockerGoga Ransomware attack and last year’s appearance of GreyEnergy, highlight the impact these threats can have on the energy sector and other industrial organisations.
The adoption of technologies such as network anomaly detection based on AI & Machine Learning can help organisations to monitor, manage and mitigate threats and vulnerabilities, it can also assist with the efficient use of personnel.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.