![]() The email campaign allowed malware to infect machines of any user who clicked on the attachment, effectively opening a backdoor into the grid. Experts suspect the CrashOverride attack was caused by a spearphishing campaign targeting IT administrators of electricity distributors across the grid. The Ukrainian electricity grid experienced mass outages after it was infected by CrashOverride malware.Ransomware attacks on OT increased by 67% in Q4 2019 according to IBM X-Force. The malware demanded an $11 million ransom. European utility EDP was the victim of a Ragnar Locker ransomware attack.These types of critical infrastructure attacks are already here: Using FDI, malicious actors could inject false data to cause harm to the grid, potentially causing a shutdown. False data injection (FDI) has been proposed as one area of weakness. Privacy issues are monitored by groups like Stop Smart Meters, who have published findings that smart meters are being used to research TV viewing habits and other marketing-related data.Īnd in terms of security, there have been a number of studies on the vulnerabilities of smart-grid supplied critical infrastructure. However, the use of the smart meter comes with security concerns. The use of smart grids is almost inevitable, as their use helps optimize energy requirements by understanding usage patterns more clearly. Similarly, the EU is pushing to have 80 percent of traditional meters replaced by smart meters by 2020. In the UK, the government is attempting to fit 26 million homes with a smart meter by 2020. The report points out that three-quarters of respondents said they expect to be a victim of a cybersecurity attack because of this merger between OT with IT.Ī 2019 survey from Ponemon and Siemens on cyber-threats in the utilities sector shows that 56% of respondents reported at least one shutdown or operational data loss per year, and 25% were hit by a “mega attack usually initiated by nation-state actors.” The survey also pointed out that 54% expect an attack on critical infrastructure in the next 12 months. A Kaspersky report into challenges experienced when OT and IT merge found that a major problem was in a lack of “maturity” in cybersecurity approaches across the merger. Operational Technologies (OT), such as Industrial Control Systems (ICS) and SCADA, are being increasingly targeted as they become increasingly connected to wider networks. Our energy and utility critical infrastructures are experiencing a profound shift towards the use of smarter technologies to counter the increase in resource requirements of a burgeoning global population. It is on this chilling note that we turn to the top security concerns facing energy and utility providers today.Ĭhallenge 1: Securing critical infrastructure & the gridĬritical infrastructures are not only the way we keep the lights on: they also play an intrinsic role in our economy. ![]() And with more open systems, the middleman role of malware infection just got a whole lot easier. New malware strains like Triton are designed to specifically target industrial control systems (ICS) to cause damage or shut them down. But modern industrial systems are at least, in part, internet-enabled. Stuxnet attacked a contained system, allegedly using a USB middleman to implant the malware.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |