Without the U.S. energy grid, life as we know it simply grinds to a halt. Businesses can’t serve customers. Homes don’t have power. Traffic lights no longer work. We depend on the grid operating reliably each and every day for business and personal tasks. That makes it even more crucial to defend our energy grid from modern threats.

Physical Threats to the Energy Grid

Since day one, the grid has been vulnerable from a physical perspective. Storms knocking the grid offline is common news. But Forbes reported that solar storms — when explosions occur on the sun’s surface and create solar flares from particles — pose an even bigger threat. There have been more than 100 solar storms in the past 150 years. While weather prediction technology continues to develop, the grid likely will always be vulnerable to some degree from these types of threats.

While physical threats from humans have always posed a risk to the grid, attacks have increased in recent years. According to the Department of Energy, 2022 saw an increase of 77% in physical attacks on the grid. Numerous credible threats and potential attacks have happened in recent years, including the shooting of substations in Moore County, North Carolina, which shut down power for residents.

Cybersecurity Threats are an Increasing Concern

According to the Threat Intelligence Index report, the energy sector made up 10.7% of all cyberattacks X-Force responded to during 2022, making energy the fourth most attacked industry. In North America, energy companies suffered 20% of attacks, making energy the most attacked industry.

However, the type of attacks varied. Most attacks (40%) were started by cyber criminals exploiting a public-facing application. Both spear phishing links and external remote services made up 20% of energy sector attacks. Other types of attacks included data theft (23%), extortion (23%), ransomware (15%), BEC (15%), credential harvesting (15%) and botnet infections (19%).

The unrest resulting from Russia’s invasion of Ukraine also increased concern over cyberattacks on the energy grid, especially from the Killnet group. In early 2023, Killnet stole the personal information of over 10,000 U.S. federal agents after breaching the FBI’s database. However, energy sectors fit Killnet’s attack profile for distributed denial of service (DDoS) threats. Experts recommend partnering with a third-party DDoS mitigation provider.

Reducing Vulnerabilities of the Energy Grid

The energy grid’s aging infrastructure and legacy technology significantly increases the risk of attacks. Forbes reported that components at the end of their life cycle increase the risk of cascading failures. By focusing on upgrading technology and equipment to modern, cloud-based technology, companies can reduce their vulnerabilities.

More from Energy & Utility

2022 Industry Threat Recap: Energy

3 min read - In 2022, 10.7% of observed cyberattacks targeted the energy industry, according to the X-Force Threat Intelligence Index 2023. This puts energy in fourth place overall — the same as the year prior and behind manufacturing, finance and insurance and professional and business services. The report notes that this reduction in total cyberattacks may be partly tied to pushback from highly public breaches in 2021, such as the Colonial Pipeline attack. Despite the overall drop in threats, however, the industry remains…

3 min read

X-Force 2022 Insights: An Expanding OT Threat Landscape

9 min read - This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities. The OT cyber threat landscape is expanding dramatically and OT asset owners and operators, all of whom understand the need to keep critical infrastructures running safely, need to be aware…

9 min read

One Year After the Colonial Pipeline Attack, Regulation Is Still a Problem

3 min read - The Colonial Pipeline cyberattack is still causing ripples. Some of these federal mandates may mark major changes for operational technology (OT) cybersecurity. The privately held Colonial Pipeline company, which provides nearly half of the fuel used by the East Coast — gasoline, heating oil, jet fuel and fuel for the military totaling around 100 million gallons a day — was hit by a double-extortion ransomware attack by a DarkSide group in May of 2021.  In reaction, the company shut down…

3 min read

Lessons Learned by 2022 Cyberattacks: X-Force Threat Intelligence Report

3 min read - Every year, the IBM Security X-Force team of cybersecurity experts mines billions of data points to reveal today’s most urgent security statistics and trends. This year’s X-Force Threat Intelligence Index 2022 digs into attack types, infection vectors, top threat actors, malware trends and industry-specific insights. This year, a new industry took the infamous top spot: manufacturing. For the first time in over five years, finance and insurance were not the top-attacked industries in 2021, as manufacturing overtook them by a…

3 min read