Reliable. Secure. Constant. These qualities should define the energy and utilities industry, and they usually do. Electric, gas and water utilities are built on a highly regulated framework run by professionals and backed by decades of operating experience and billions of dollars of infrastructure investment.

Even so — and even with strong regulatory compliance — a cyberattack is still in the cards. The industry views that prospect with grave concern. An attack against a company supplying fuel, electricity or drinking water to a city or nation would impact far more than just economics. The health and welfare of a whole region, or even an entire nation, could be at risk.

Spotlight Shines on Energy and Utilities Industry

Recent media attention has focused mostly on incidents affecting the retail, finance and health care sectors, but now the spotlight is also shining on the energy and utilities industry. Attacks on electrical grids and utility providers have increased steadily over the past decade —most notably the coordinated cyberattack on a Ukrainian power grid in December 2015 that resulted in tens of thousands of people losing electricity. More recently, researchers discovered sophisticated malware designed to perform reconnaissance on an energy grid’s system.

**UPDATE** Read the complete Report: Energy and Utility Companies — Targeted on all sides

Bad actors are actively seeking ways to attack the energy and utilities industry, and there is obvious and immediate cause for concern. The consequences could be significant across multiple industries. The U.S. Department of Homeland Security (DHS) described the energy sector as “uniquely critical because it provides an ‘enabling function’ across all critical infrastructure sectors.” In other words, an attack on an energy company could have a domino effect, impacting all the industries that depend on it.

Recognize Risks

The energy and utilities industry must be prepared for cyberattacks. It’s important to recognize the areas of risk in your environment, understand potential attackers’ motivations and know what types of attack you’re likely to face.

For more information, read the updated 2017 IBM report, “Energy and Utility Companies — Targeted on All Sides.” It provides insights regarding the types of cyberattacks targeting the energy and utilities sector as well as recommendations on how it can address these security challenges.

More from Energy & Utility

Water facilities warned to improve cybersecurity

3 min read - United States water facilities, which include 150,000 public water systems, have become an increasingly high-risk target for cyber criminals in recent years. This rising threat has demanded more attention and policies focused on improving cybersecurity.Water and wastewater systems are one of the 16 critical infrastructures in the U.S. The definition for inclusion in this category is that the industry must be so crucial to the United States that “the incapacity or destruction of such systems and assets would have a…

The UK energy sector faces an expanding OT threat landscape

3 min read - Critical infrastructure is under attack in almost every country, but especially in the United Kingdom. The UK was the most attacked country in Europe, which is already the region most impacted by cyber incidents. The energy industry is taking the brunt of those cyberattacks, according to IBM’s X-Force Threat Intelligence Index 2024.The energy sector is a favorite target for threat actors. The complexity of systems and the reliance on legacy OT systems make them easy prey. Because of the critical…

Third-party breaches hit 90% of top global energy companies

3 min read - A new report from SecurityScorecard reveals a startling trend among the world’s top energy companies, with 90% suffering from data breaches through third parties over the last year. This statistic is particularly concerning given the crucial function these companies serve in everyday life.Their increased dependence on digital systems facilitates the increase in attacks on infrastructure networks. This sheds light on the need for these energy companies to adopt a proactive approach to securing their networks and customer information.2023 industry recap:…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today