There is an increased focus on cybersecurity among governments and energy and utilities organizations worldwide, and for good reason. Attacks on critical infrastructure such as fuel, electricity and drinking water carry the potential for damage far beyond their economic impact. As demonstrated by incidents such as the notorious shutdown of several Iranian nuclear centrifuges by Stuxnet in 2010, and the Shamoon malware attacks in November 2016 and January 2017 against Gulf state organizations, the stakes for energy and utilities companies are higher than ever. The health and welfare of whole nations could potentially be at risk.

Attackers Set Their Sights on Industrial Control Systems

A great many industrial control system (ICS) configurations, including SCADA systems, distributed control systems (DCS) and programmable logic controllers (PLCs), are operating in the energy and utilities industry. In December, IBM X-Force Threat Research reported that attacks targeting ICS increased by more than 110 percent in 2016. At midyear 2017, attacks are projected to equal or possibly surpass the volume observed in 2016.


Source: IBM Managed Security Services data, Jan. 1, 2013 to July 15, 2017.

The Who and the How

In the energy and utilities sector, IBM Managed Security Services (MSS) 2016 data revealed that the actors behind unintentional and malicious attacks were 60 percent outsiders and 40 percent insiders. Within the insider group, there were more inadvertent actors (24 percent) than malicious insiders (16 percent).


Source: IBM Managed Security Services data, Jan. 1 to Dec. 31, 2016.

IBM MSS analysis of 2016 data also revealed that the top attack vector, which involved the use of malicious input data to attempt to control or disrupt a system, targeted 60 percent of the energy and utilities clients monitored by IBM X-Force. That figure was notably higher than the 42 percent average across all industries.


Source: IBM Managed Security Services data, Jan. 1 to Dec. 31, 2016.

More Resources for Energy and Utilities Companies

From network break-ins to ransomware to seizing control systems, attacks against energy and utilities companies are on the rise. A proper assessment of information security risk is critical to the effective direction of your IT investment, critical assets and utilization of resources.

Refer to the IBM report, “Energy and Utility Companies: Targeted on All Sides,” for recommendations to consider when making strategic decisions to help safeguard your business.
