Energy Companies Unready For Lethal Cyber Attacks

In a recent survey, over 80% of the industry professionals working in the power, renewables and oil and gas sectors who responded  believe that a cyber attack on the industry is likely to cause operational shutdowns and damage assets and critical infrastructure.

According to a report by the leading energy technology specialist DNV57% of energy professionals expect an incident to cause loss of life, while 85% foresee operational shutdown and 84% damage to critical infrastructure. Additionally, 74% expect an attack to harm the environment while 57% anticipate that it will cause loss of life.

While people working in the industry fear the worst, many companies in the power, renewables and hydrocarbon sectors are taking a “hope for the best” approach to cyber security rather than actively confronting the issue. The DNV report says two thirds of respondents reported “major changes” to strategies and systems following the spate of incidents, there was also a warning of widespread complacency.

The biggest threat could now come not directly to the IT systems of companies themselves, but to the operational technology (OT) that links and controls an increasingly interconnected energy system.

Trond Solberg, Managing Director, Cyber Security at DNV said: “As OT becomes more networked and connected to IT systems, attackers can access and control systems operating critical infrastructure such as power grids, wind farms, pipelines and refineries... Our research finds the energy industry is waking up to the OT security threat, but swifter action must be taken to combat it. Less than half (47%) of energy professionals believe their OT security is as robust as their IT security.”

DNV also contrasted the gap between a sharp focus on physical safety and a laxer approach to cyber security in some companies. DNV recommends that firms identify where critical infrastructure is vulnerable to attack. In particular, better workforce training is needed to ensure improved enforcement of cyber protective measures.

As countries look to end their reliance on fossil fuels, particularly those imported from Russia, hydrogen has been tipped to be the next biggest low-carbon solution. While hydrogen can effectively replace natural gas in many uses, the process as it exists now is not efficient and is expensive, making it difficult to scale to mass production. This has led companies to begin looking for new ways to make hydrogen power more cost-effective.

NATO has maintained for the past 15 years that a cyber attack on one of its members could constitute an assault, and equivalence with a kinetic attack has since been seen as the threshold for viewing it that way. 

DNV:      Process Engineering:     Recharge News:     Express:      Fortune:    GRAE Energy News:

You Might Also Read: 

Anonymous Launch An Attack On Rosneft:

 

« Ransomware - Get A Step Ahead
An Airline Brought To A Standstill By Ransomware »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYBER 1

CYBER 1

CYBER 1 provides cyber security solutions to customers wanting to be resilient against new and existing threats.

NopSec

NopSec

NopSec provides automated IT security control measurement and risk remediation solutions to help businesses protect their IT environments from security breaches.

Metro Systems

Metro Systems

Metro Systems offer fully integrated IT solutions & services covering Digital Transformation, Digital Infrastructure, Cyber Security and Training.

Digital Law

Digital Law

Digital Law is the only UK law firm to specialise solely in online, data and cyber law.

Ericom Software

Ericom Software

Ericom is a global leader in securing and connecting the digital workspace, offering solutions that secure browsing, and optimize desktop and application delivery to any device, anywhere.

Hack The Box

Hack The Box

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.

TechBeacon

TechBeacon

TechBeacon.com is a digital hub by and for software engineering, IT and security professionals sharing practical and passionate guidance to real-world challenges.

Panorays

Panorays

Panorays automates third-party security lifecycle management. It is a SaaS-based platform, with no installation needed.

Cyber Defence Solutions (CDS)

Cyber Defence Solutions (CDS)

Cyber Defence Solutions is a cyber and privacy Consultancy with extensive experience in the development and implementation of cyber and data security solutions to your assets.

Panther Labs

Panther Labs

Panther’s mission is to make security monitoring fast, flexible and scalable for all security teams.

Quantum Star Technologies

Quantum Star Technologies

Quantum Star Technologies has developed Starpoint to be a next-next-generation solution to cyber security threats. Our mission is to secure the online world through our patented technology.

Salem Cyber

Salem Cyber

Salem Cyber builds Artificial Intelligence (AI) solutions that work collaboratively with people to address scalability challenges in cybersecurity operations.

Firesand

Firesand

Based in Milton Keynes, Firesand Ltd provides penetration testing services to improve your cyber security and protect your company against hackers.

AddSecure

AddSecure

AddSecure is a leading European provider of secure IoT connectivity and end-to-end solutions.

Security Solutions Services (S-3)

Security Solutions Services (S-3)

S-3 specialize in crafting tailored network design, security hardware, software, and storage solutions for businesses of all sizes.

Concertium

Concertium

Concertium is a complete cybersecurity partner equipped with the expertise and services to deliver end-to-end visibility and protection from evolving cyber threats.