The TrickyScribe: Data breaches are significant, especially when they raise the question of data privacy (or the lack of it). This is why stringent data protection regulations – like the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act – have been pressed into service.
While data breaches are prevalent, cyber security in the energy sector deserves greater concern. In recent years, attacks on critical infrastructure have surged and the potential repercussions are known. Loss of data is concerning, but a loss of electricity and water is catastrophic, equally for business and society.
As a result, the Information Age makes cyber security one of the topmost priorities on the mind of every CTO, technology leader, CEO and board member. And if it is not? The hazards could be real. Firms working for the nuclear and energy sectors in the US have been warned about a hacking drive, a warning that highlights the power industry’s vulnerability to cyberattacks.
Hackers used phishing emails to harvest credentials and gain access to their target networks, said a joint report from the US Department of Homeland Security and the Federal Bureau of Investigation. The report disclosed the attacks and warned that the hackers had in some cases succeeded in compromising the networks of their targets, but it did not identify any specific victims.
Power industry examining intrusions
Historically, cyber actors have strategically targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict.
A virus dubbed “NotPetya” hit the internet a couple of years back, spreading from initial infections in Ukraine to businesses around the globe. It encrypted data on infected machines, rendering them inoperable and disrupting activities at factories, ports and law firms. This triggered panic among cyber security experts.
E&E News reported that investigators were looking into cyber intrusions this year at multiple nuclear power generators. It said there was no evidence safety systems had been compromised at affected plants.
Worry since 2016
Industrial organizations, including power providers and other utilities, have been worried about the potential for destructive cyberattacks since last December, when hackers cut electricity in Ukraine.
US nuclear power generators SCANA Corp, PSEG and Entergy Corp said they were not affected by the recent cyberattacks. SCANA’s VC Summer nuclear plant in South Carolina shut down on Thursday because of a problem with a valve in the non-nuclear portion of the plant, a spokesman said.
Dominion Energy, another nuclear power generator, said it does not comment on cyber security.
Two cyber security firms said that they had identified the malicious software used in the Ukraine attack, which they christened Industroyer, warning that it could be easily modified to attack utilities in the US and Europe.
Industroyer is the second piece of malware capable of disrupting industrial processes without the need for hackers to manually intervene. The first one, Stuxnet, was identified in 2010 and is widely believed by security researchers to have been used by the US and Israel to attack Iran’s nuclear program.
The government report said attackers conducted reconnaissance to gather information about the individuals whose computers they sought to infect, and used it to create “decoy documents” on topics of interest to their targets.
It mentions 11 files used in the attacks, including malware downloaders and tools that allow the hackers to take remote control of victims’ computers and move across their networks.
The three largest US oil producers, Chevron Corp, Exxon Mobil Corp and ConocoPhillips, stayed tight-lipped, declining to comment on their network security.