Keeping the Lights On: Security Trends in the Energy and Utilities Industry

September 8, 2016
| |
2 min read

Reliable. Secure. Constant. These qualities should define the energy and utilities industry, and they usually do. Electric, gas and water utilities are built on a highly regulated framework run by professionals and backed by decades of operating experience and billions of dollars of infrastructure investment.

Even so — and even with strong regulatory compliance — a cyberattack is still in the cards. The industry views that prospect with grave concern. An attack against a company supplying fuel, electricity or drinking water to a city or nation would impact far more than just economics. The health and welfare of a whole region, or even an entire nation, could be at risk.

Spotlight Shines on Energy and Utilities Industry

Recent media attention has focused mostly on incidents affecting the retail, finance and health care sectors, but now the spotlight is also shining on the energy and utilities industry. Attacks on electrical grids and utility providers have increased steadily over the past decade —most notably the coordinated cyberattack on a Ukrainian power grid in December 2015 that resulted in tens of thousands of people losing electricity. More recently, researchers discovered sophisticated malware designed to perform reconnaissance on an energy grid’s system.

**UPDATE** Read the complete Report: Energy and Utility Companies — Targeted on all sides

Bad actors are actively seeking ways to attack the energy and utilities industry, and there is obvious and immediate cause for concern. The consequences could be significant across multiple industries. The U.S. Department of Homeland Security (DHS) described the energy sector as “uniquely critical because it provides an ‘enabling function’ across all critical infrastructure sectors.” In other words, an attack on an energy company could have a domino effect, impacting all the industries that depend on it.

Recognize Risks

The energy and utilities industry must be prepared for cyberattacks. It’s important to recognize the areas of risk in your environment, understand potential attackers’ motivations and know what types of attack you’re likely to face.

For more information, read the updated 2017 IBM report, “Energy and Utility Companies — Targeted on All Sides.” It provides insights regarding the types of cyberattacks targeting the energy and utilities sector as well as recommendations on how it can address these security challenges.

Michelle Alvarez
Manager, IBM X-Force IRIS

Michelle Alvarez is the manager of the Threat Intelligence Production Team with IBM X-Force Incident Response and Intelligence Services (IRIS). She brings mo...
read more

Banner ad leading to the Cost of a Data Breach Report for 2020.
Banner ad leading to the Cost of a Data Breach Report for 2020.
Your browser doesn’t support HTML5 audio
Press play to continue listening
00:00 00:00