How can the energy sector bolster its resilience to ransomware attacks?


Since it plays a vital role in every functioning society, the energy sector has always been a prime target for state-backed cybercriminals. The cyber threats targeting this industry have grown significantly in recent years, as geopolitical tensions have fueled an increase in state-sponsored cyber espionage. According to one report on OT/ICS cyber security incidents, the energy sector recorded 39% of all attacks, with nearly 60% of these attacks attributed to state-affiliated groups.

Beyond politically motivated attacks aimed at gaining a strategic advantage, threat actors are also attracted by the potential financial gains from accessing vast stores of sensitive information. Attackers have also seized the opportunity to cause significant operational disruption as leverage in ransom demands. A recent high-profile example is the ransomware attack against Schneider Electric, in which the Cactus ransomware gang claimed to have stolen 1.5 TB of data after breaching the company's systems.

As cyberattacks and ransomware rates continue to increase, there is a real concern among energy providers about the operational resilience of the industry, especially since the risks are compounded by the growing economic challenges and shifting regulatory demands.

So how can the sector navigate these challenges successfully?

Understanding the risk factors

The energy sector’s risks are partly driven by its reliance on outdated and legacy technologies. Many of the technologies and systems used by the industry have long lifespans, so over time they become more vulnerable and difficult to patch. Moreover, energy providers still rely on ageing OT assets like industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, and programmable logic controllers (PLCs).

At the same time, the deployment of Internet of Things (IoT) devices, including smart sensors within energy grids and automated systems in distribution facilities, has introduced an additional layer of complexity to security. These IoT devices are not typically designed to integrate seamlessly with conventional security protocols and often come with insufficient security protections, such as…
