There is an increased focus on cybersecurity among governments and energy and utilities organizations worldwide, and for good reason. Attacks on critical infrastructure such as fuel, electricity and drinking water carry the potential for damage far beyond their economic impact. As demonstrated by incidents such as the notorious shutdown of several Iranian nuclear centrifuges by Stuxnet in 2010, and the Shamoon malware attacks in November 2016 and January 2017 against Gulf state organizations, the stakes for energy and utilities companies are higher than ever. The health and welfare of whole nations could potentially be at risk.

Attackers Set Their Sights on Industrial Control Systems

A great many industrial control system (ICS) configurations, including SCADA systems, distributed control systems (DCS) and programmable logic controllers (PLCs), are operating in the energy and utilities industry. In December, IBM X-Force Threat Research reported that attacks targeting ICS systems increased by more than 110 percent in 2016. At midyear 2017, attacks are projected to equal or possibly surpass the volume observed in 2016.


Source: IBM Managed Security Services data, Jan. 1, 2013 to July 15, 2017.

The Who and the How

In the energy and utilities sector, IBM Managed Security Services (MSS) 2016 data revealed that unintentional and malicious attacks were made up of 60 percent outsiders and 40 percent insiders. Within the insider group, there were more inadvertent actors (24 percent) than malicious insiders (16 percent).


Source: IBM Managed Security Services data, Jan. 1 to Dec. 31, 2016.

IBM MSS analysis of 2016 data also revealed that the top attack vector, which involved the use of malicious input data to attempt to control or disrupt a system, targeted 60 percent of the energy and utilities clients monitored by IBM X-Force. That figure was notably higher than the 42 percent average across all industries.


Source: IBM Managed Security Services data, Jan. 1 to Dec. 31, 2016.

More Resources for Energy and Utilities Companies

From network break-ins to ransomware to seizing control systems, attacks against energy and utilities companies are on the rise. A proper assessment of information security risk is critical to the effective direction of your IT investment, critical assets and utilization of resources.

Refer to the IBM report, “Energy and Utility Companies: Targeted on All Sides,” for recommendations to consider when making strategic decisions to help safeguard your business.

Read the complete Report: Energy and Utility Companies — Targeted on all sides

More from Energy & Utility

Today’s biggest threats against the energy grid

2 min read - Without the U.S. energy grid, life as we know it simply grinds to a halt. Businesses can’t serve customers. Homes don’t have power. Traffic lights no longer work. We depend on the grid operating reliably each and every day for business and personal tasks. That makes it even more crucial to defend our energy grid from modern threats. Physical threats to the energy grid Since day one, the grid has been vulnerable from a physical perspective. Storms knocking the grid…

2022 industry threat recap: Energy

3 min read - In 2022, 10.7% of observed cyberattacks targeted the energy industry, according to the X-Force Threat Intelligence Index 2023. This puts energy in fourth place overall — the same as the year prior and behind manufacturing, finance and insurance and professional and business services. The report notes that this reduction in total cyberattacks may be partly tied to pushback from highly public breaches in 2021, such as the Colonial Pipeline attack. Despite the overall drop in threats, however, the industry remains…

X-Force 2022 insights: An expanding OT threat landscape

9 min read - This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities. The OT cyber threat landscape is expanding dramatically and OT asset owners and operators, all of whom understand the need to keep critical infrastructures running safely, need to be aware…

One Year After the Colonial Pipeline Attack, Regulation Is Still a Problem

3 min read - The Colonial Pipeline cyberattack is still causing ripples. Some of these federal mandates may mark major changes for operational technology (OT) cybersecurity. The privately held Colonial Pipeline company, which provides nearly half of the fuel used by the East Coast — gasoline, heating oil, jet fuel and fuel for the military totaling around 100 million gallons a day — was hit by a double-extortion ransomware attack by a DarkSide group in May of 2021.  In reaction, the company shut down…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today