Keeping the Lights On: Security Trends in the Energy and Utilities Industry

Reliable. Secure. Constant. These qualities should define the energy and utilities industry, and they usually do. Electric, gas and water utilities are built on a highly regulated framework run by professionals and backed by decades of operating experience and billions of dollars of infrastructure investment.

Even so — and even with strong regulatory compliance — a cyberattack is still in the cards. The industry views that prospect with grave concern. An attack against a company supplying fuel, electricity or drinking water to a city or nation would impact far more than just economics. The health and welfare of a whole region, or even an entire nation, could be at risk.

Spotlight Shines on Energy and Utilities Industry

Recent media attention has focused mostly on incidents affecting the retail, finance and health care sectors, but now the spotlight is also shining on the energy and utilities industry. Attacks on electrical grids and utility providers have increased steadily over the past decade —most notably the coordinated cyberattack on a Ukrainian power grid in December 2015 that resulted in tens of thousands of people losing electricity. More recently, researchers discovered sophisticated malware designed to perform reconnaissance on an energy grid’s system.

Download the IBM report on Security Trends in the Energy and Utilities Industry

Bad actors are actively seeking ways to attack the energy and utilities industry, and there is obvious and immediate cause for concern. The consequences could be significant across multiple industries. The U.S. Department of Homeland Security (DHS) described the energy sector as “uniquely critical because it provides an ‘enabling function’ across all critical infrastructure sectors.” In other words, an attack on an energy company could have a domino effect, impacting all the industries that depend on it.

Recognize Risks

The energy and utilities industry must be prepared for cyberattacks. It’s important to recognize the areas of risk in your environment, understand potential attackers’ motivations and know what types of attack you’re likely to face.

For more information, read the IBM report, “Keeping the Lights On: Security Trends in the Energy and Utilities Industry.” It provides insights regarding the types of cyberattacks targeting the energy and utilities sector as well as recommendations on how it can address these security challenges.

Share this Article:
Michelle Alvarez

Threat Researcher and Editor, IBM Managed Security Services

Michelle Alvarez is a Threat Researcher and Editor for IBM's Managed Security Services; she brings more than 10 years of industry experience to her role. In this role she focuses communications efforts around threat research and mitigation. Michelle joined IBM through the Internet Security Services (ISS) acquisition, where she served as an Analyst on the X-Force Vulnerability Database Team.