Ransomware is evolving. How long until it takes down operational technology?

In May 2021, Colonial Pipeline, one of the largest fuel pipelines in the United States, faced a ransomware attack. The company, which transports more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor, shut down operations for several days. The attack also showed how open our energy infrastructure is to cyber attacks. As we rely more and more on technology to run critical systems and operations, protecting systems and networks is more crucial than ever. See how attacks in these sectors are growing and what organizations can do to bolster their protections against bad actors. Check out our top news from the world of energy and utility security so far in 2021.

Top Energy & Utility Insights 

7-Minute Read 🕒

Shedding Light on the DarkSide Ransomware Attack

As ransomware evolves, there’s growing concern about the potential for it to spread to operational zones and upstream to the overall supply chain, where it could cause widespread damage. In fact, IBM Security X-Force data found that ransomware attacks were the most common threat to organizations that use operational technology (OT) in 2020. Why? Threat actors may find these organizations attractive targets for ransomware attacks: they face costly downtime, and an outage can impact a wider ecosystem and individual consumers. Look at the growing threat of groups like DarkSide, the gang allegedly behind the Colonial Pipeline attack. See how a zero trust approach paired with other tactics can help energy and utility groups reduce their ransomware risk.

3-Minute Read 🕒

Poison in the Water: The Physical Repercussions of IoT Security Threats

When the water treatment plant in Oldsmar, Florida was breached earlier this year, a frightening potential problem suddenly came true: an Internet of things (IoT) incident had moved into the physical world. The attacker changed the amount of sodium hydroxide in the public water supply from 100 parts per million to 11,000 — what could be a dangerous level of lye. If consumed, the water could have caused loss of vision, pain and shock, among other symptoms. Luckily, the attack was stopped and the public wasn’t harmed. But it brought to light once again that the rise of IoT devices comes with risks. Read this article to find out ways you can help protect your organization against cyber-physical attacks.

3-Minute Read 🕒

A New Directive for Pipeline Operators Puts Cybersecurity in the Spotlight

Cyberattacks against critical infrastructure are increasing. In response to the disruptive and destructive nature of these attacks, the U.S. federal government released a new DHS/TSA Security Directive, “Security Directive Pipeline-2021-01, Enhancing Pipeline Cybersecurity,” and warned critical infrastructure companies to step up their defenses. Find out more about the directive’s broad set of requirements for owners and operators and its three critical actions.

5-Minute Read 🕒

It’s an Operational Technology World, and Attackers Are Living in It

The IBM Think 2021 virtual conference in May featured a panel by Tenable Vice President of Operational Technology Security Marty Edwards and X-Force Red Hacking Chief Technology Officer Steve Ocepek. Before they delivered their address, Edwards and Ocepek sat down for an interview. They covered the threat landscape of OT, the various attack paths against OT, vulnerabilities that are enabling attackers to succeed and how to reduce the risk of an OT compromise. Read this article to find out what they had to say.

7-Minute Read 🕒

Threat Actors’ Most Targeted Industries in 2020: Finance, Manufacturing and Energy

IBM Security’s annual X-Force Threat Intelligence Index gathers insights about the most targeted industries every year. This year’s index showed energy was one of three industries at the top of the list of targeted sectors. Roughly 35% of attacks on the energy industry were attempted data theft and leaks. With 11.1% of attacks on the top 10 industries in 2020, energy ranked as the third most attacked industry, up from ninth place the year prior. Server access attacks on the energy sector hit hard in 2020, too. The industry came in fourth place after health care for the highest number of such attacks. Read the article to find out more.

More on the Status of Energy & Utility IT Security

In September, Vanguard reported that the office of the National Security Adviser will commence a three-month Cyber Security Sensitization outreach across seven at-risk sectors of the nation’s economy, including the energy sector.

Also in September, The Guardian reported that a quarter of cyber incidents reported to Australian security officials over the past year have targeted critical infrastructure and essential services, including health care, food distribution and energy.

Finally, IT for All published a report on the pros and cons of IoT for energy and utilities.
