Energy Companies Unready For Lethal Cyber Attacks

Uploaded on 2022-06-06 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Production-Energy

In a recent survey, over 80% of the industry professionals working in the power, renewables and oil and gas sectors who responded  believe that a cyber attack on the industry is likely to cause operational shutdowns and damage assets and critical infrastructure.

According to a report by the leading energy technology specialist DNV57% of energy professionals expect an incident to cause loss of life, while 85% foresee operational shutdown and 84% damage to critical infrastructure. Additionally, 74% expect an attack to harm the environment while 57% anticipate that it will cause loss of life.

While people working in the industry fear the worst, many companies in the power, renewables and hydrocarbon sectors are taking a “hope for the best” approach to cyber security rather than actively confronting the issue. The DNV report says two thirds of respondents reported “major changes” to strategies and systems following the spate of incidents, there was also a warning of widespread complacency.

The biggest threat could now come not directly to the IT systems of companies themselves, but to the operational technology (OT) that links and controls an increasingly interconnected energy system.

Trond Solberg, Managing Director, Cyber Security at DNV said: “As OT becomes more networked and connected to IT systems, attackers can access and control systems operating critical infrastructure such as power grids, wind farms, pipelines and refineries... Our research finds the energy industry is waking up to the OT security threat, but swifter action must be taken to combat it. Less than half (47%) of energy professionals believe their OT security is as robust as their IT security.”

DNV also contrasted the gap between a sharp focus on physical safety and a laxer approach to cyber security in some companies. DNV recommends that firms identify where critical infrastructure is vulnerable to attack. In particular, better workforce training is needed to ensure improved enforcement of cyber protective measures.

As countries look to end their reliance on fossil fuels, particularly those imported from Russia, hydrogen has been tipped to be the next biggest low-carbon solution. While hydrogen can effectively replace natural gas in many uses, the process as it exists now is not efficient and is expensive, making it difficult to scale to mass production. This has led companies to begin looking for new ways to make hydrogen power more cost-effective.

NATO has maintained for the past 15 years that a cyber attack on one of its members could constitute an assault, and equivalence with a kinetic attack has since been seen as the threshold for viewing it that way. 

DNV:      Process Engineering:     Recharge News:     Express:      Fortune:    GRAE Energy News:

You Might Also Read: 

Anonymous Launch An Attack On Rosneft:

 

« Ransomware - Get A Step Ahead
An Airline Brought To A Standstill By Ransomware »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Latham & Watkins LLP

Latham & Watkins LLP

Latham & Watkins is an international law firm. Practice areas include Data Privacy, Security and Cybercrime.

Bulletproof Cyber

Bulletproof Cyber

Bulletproof offer a range of security services, from penetration testing and vulnerability assessments to 24/7 security monitoring, and consultancy.

DataVisor

DataVisor

DataVisor is a big data fraud detection and anti-money laundering solution.

Cyber Risk Agency

Cyber Risk Agency

Cyber Risk Agency is a cybersecurity consulting firm specializing in managing cyber risks for SMEs.

Latvian Information & Communications Technology Association (LIKTA)

Latvian Information & Communications Technology Association (LIKTA)

LIKTA brings together leading Latvian companies, organizations and professionals in the field of Information & Communications Technology

Honeynet Project

Honeynet Project

The Honeynet Project is a leading international non-profit security research organization, dedicated to investigating the latest attacks and developing open source security tools.

FTAPI Software

FTAPI Software

FTAPI SecuTransfer is a software solution for end-to-end encrypted data exchange of large and sensitive data with customers and partners.

PreCog Security

PreCog Security

PreCog Security is a US based cybersecurity risk mitigation company. We specialize in helping you find, minimize and manage vulnerability risk within your product, network and process.

Cyber Coaching

Cyber Coaching

Cyber Coaching is a community for enhancing technical cyber skills, through unofficial certification training, cyber mentorship, and personalised occupational transition programs.

Cyber1

Cyber1

CYBER1 is a leader in cyber security advisory and solutions. We are uniquely placed to help customers achieve cyber resilience and thus, safeguard reputation and value.

DeXpose

DeXpose

DeXpose is a hybrid dark/deep web monitoring and attack surface mapping platform to help you find compromised data or exposed assets related to your organization way before threat actors.

Cyrex

Cyrex

Cyrex is a Web3 security and development company. Our mastery over decentralized applications, smart contracts and blockchain will keep you secure across Web3.

IONIX

IONIX

IONIX (formerly Cyberpion) is the attack surface management solution that uses Connective Intelligence to shine a spotlight on exploitable risks across your supply chain.

M6iT Consulting

M6iT Consulting

M6iT Consulting is an industry-leading solution partner managing the IT requirements for a full range of companies.

Nothreat

Nothreat

Nothreat has revolutionized how businesses like yours protect themselves from damaging cyber attacks. Our tech learns and adapts in real time, protecting clients from even zero-day attacks.

Blockaid

Blockaid

Blockaid is the onchain security platform for monitoring, detecting, and responding to onchain and offchain threats.