Turn to the nation's most objective and informative daily environmental news resource to learn how the United States and key players around the world are responding to the environmental...
By Rebecca Kern
More electric utilities and energy companies are turning to cybersecurity vendors for protection against attempted attacks, a growing threat highlighted by the recent disclosure of Russian hacking into their communications networks last year.
The U.S. utility sector faces millions of attempted cyber intrusions a day. Duke Energy, one of the largest power companies in the nation serving 7.6 million customers reported more than 650 million attempted cyberattacks in 2017 alone. While a cyberattack hasn’t successfully shut down the U.S. power grid, the threat is real.
“If you want to shut down the infrastructure of a country, you shut down the grid, you shut down the fuel generating refineries,” Eddie Habibi, founder and CEO of PAS, a cybersecurity firm for energy and power industries, told Bloomberg Environment. “That’s what happens at the start of a war, you attack their critical infrastructure.”
A recent alert from the Department of Homeland Security revealed that Russian actors targeted hundreds of energy and nonenergy companies’ networks in 2017, which began through spear-phishing emails sent to vendors serving the power industry in early 2016. The hackers successfully accessed one small power plant’s operational technology network, but didn’t shut it down. Five natural gas pipeline companies’ communication systems were hacked in April, but no pipelines were shut down.
“The energy sector is definitely a target for everything from criminals to nation states,” Jeanette Manfra, assistant secretary for the Department of Homeland Security’s Office of Cybersecurity and Communications, told Bloomberg Environment.
The frequency of cyberattacks on the energy sector targeting systems that run critical infrastructure, like generation plants has increased at least sevenfold over the last seven years, Habibi said.
A cyberattack refers to an effort to access data or systems remotely, often with the intention to shut down operations, like a power grid. Cyberattackers can use malware or email intrusions to access a system and perhaps a larger computer network.
Energy companies are turning to cybersecurity providers like PAS and Siemens to better prepare for attacks. And their options are growing: There are more than 850 cybersecurity firms in the greater Washington, D.C., region alone, according to research from American University’s Kogod School of Business.
To combat threats, companies have to protect their industrial control systems—the computers that monitor and control physical devices such as valves and pumps at power plants or refineries, Habibi said.
“Operational technology security has become probably one of the hottest topics at the board level of a lot of the major companies,” he said.
Cybersecurity vendors are working specifically in the energy sector to fill gaps due to a growing shortage of cyberprofessionals. There is a projected shortage 1.8 million cyberprofessionals globally by 2022, according to a 2017 study by the Center for Cyber Safety and Education.
Habibi’s first words of wisdom for utility and energy companies: “Stay calm.”
But, he added, “We have a lot of work to do both on the technology side as well as on the culture side.”
“We need to bring a focus to the culture of cybersecurity,” he said. In any given day, you can find at least 1,000 cybersecurity violations at a power plant, including opening scam emails, using unsecured USB drives, and sharing passwords with co-workers.
DHS has said most cyberattacks are occurring in the energy sector. But that’s largely because it has been one of the best at reporting cyberattacks to DHS, according to Scott Aaronson, vice president of security and preparedness for the Edison Electric Institute, which represents investor-owned utilities, like Duke and Southern Co.
“Are we seeing an increase in threats from sophisticated actors? Yeah I think we are,” he said. “Part of what we’re seeing is not just that we’re seeing more of these threats, it’s that we’re actually catching more of them.”
“The power of analytics is so important,” Leo Simonovich, vice president and global head of industrial cyber and digital security at Siemens, told Bloomberg Environment.
“We can do a lot through monitoring, visibility, and detection. But it’s not enough to just detect. It’s equally important to understand, to contextualize and to prioritize,” he said.
Siemens partnered with two major cybersecurity firms in 2017 to create a managed cybersecurity business offering, which helps energy clients monitor and detect cyber abnormalities. The first company partner was Darktrace, which specifically works on anomaly detection by helping companies get better visualization into their assets to see attempted intrusions.
“We provide visibility that humans simply can’t see or compute,” Jeff Cornelius, executive vice president of ICS Solutions at Darktrace, told Bloomberg Environment.
The second Siemens partnership is with PAS, which involves asset management.
“We manage, secure, and optimize the performance of the industrial control system,” Habibi said.
DHS recently announced the formation of a new National Risk Management Center, which solely focuses on sharing cybersecurity information with the energy, financial, and telecommunications sectors.
The Energy Department opened its first cyber-specific office—the Cybersecurity, Energy Security and Emergency Response—in May.
And the Electricity Subsector Coordinating Council is a government and industry group that meets regularly to share information among DHS, Energy Department, energy trade associations, and energy company CEOs, including Southern Co.
“It’s going to take a village,” Simonovich said. “It’s important to establish an ecosystem of partners that are solving discrete problems, but that in combination can provide the complete solution.”
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)