The cybersecurity of organizations in the power and energy sector has suddenly taken a front seat among security researchers. Recent research claimed that industrial controllers in several U.S.-based power organizations are vulnerable to cyberattacks. This claim carries more weight in light of the recent threats faced by organizations in these sectors.
Recent threats to the utility sector
In the last few months, cyberattacks focused on the energy and power sector have been most prevalent in North America, followed by South America and Eastern European regions.
- Some of the targeted organizations include Ultrapar, Lukoil, and Bayshore Recycling Corporation.
- Last month, a new cyberattack campaign, Operation Spalax, was uncovered. It was aimed at Colombian government institutions and private companies, particularly those in the energy and metallurgical sectors.
- Prominent attack vectors include unauthorized access, data theft, phishing, ransomware, and malware threats. Moreover, phishing emails are often used as an initial attack vector.
Data breach spree
In addition, the sector has been plagued by several data leaks in the last two months.
- A hacker mistakenly exposed the stolen passwords of several firms in public Google searches; energy and construction companies were the primary targets.
- Additionally, data breach incidents were observed at Eneco, Enel, and People's Energy.
A preventive step
Some preventive actions have already been taken to protect the critical services provided by the power and energy sector. As of January 1, 2021, the new North American Electric Reliability Corporation (NERC) cybersecurity standard is in effect. This standard requires all US energy providers to report every attempt to breach bulk electric systems, in addition to reporting a successful breach to the DHS ICS-CERT.
Organizations operating in the energy sector form a critical backbone of essential services. Experts therefore suggest that organizations understand the severity of the risks behind cyber intrusion incidents and strive to deploy adequate security solutions to protect themselves from the ever-changing threat landscape.