Energy Companies Need to Understand Their Cyber Attack Surface To Protect Against Cybersecurity Threats

Cyber threats targeting energy companies are on the rise, and the recent alleged attack on a Canadian natural gas company by Russian-based hacking group Zarya had many in the industry on edge. Although the group claims to have caused financial damage without loss of life, the potential for devastating outcomes in future attacks is a growing concern. What steps can energy companies take to fortify their defenses, understand their cyber attack surface and ensure the security of critical infrastructure and sensitive data?

In light of this alarming trend, it’s clear that energy companies must prioritize cybersecurity, investing in advanced technology and employee training to combat these threats. Cooperation between the private sector, government agencies, and security experts will be crucial for staying informed about potential risks and developing strategies to mitigate them. Regular software updates and stringent security protocols can also lessen the chances of a successful cyberattack. The pressing question remains: Are energy companies doing enough to protect themselves from cyber threats?

With a keen understanding of the multifaceted threats to the energy sector, Megan Samford, VP and Chief Product Security Officer of Energy Management at Schneider Electric, emphasizes the importance of comprehensively assessing one’s cyber attack surface and staying prepared for potential incidents.

Megan’s Thoughts:

“So when it comes to threats to the energy sector, we can really look at it from a few different angles. The first is aging infrastructure. The second is traditional natural disasters that happen every single day that the grid is used to dealing with and has been used to dealing with for over a hundred years now.

The next is the increased connectivity to the grid. We know that this means increased digitization and electrification, which is great. But increased connectivity also brings an increased attack surface. And finally, we see very targeted attacks to the energy sector as well as more opportunistic attacks like ransomware.

The targeted attacks are getting scarier; we see repeatable attack frameworks that are being used more like Swiss Army knives rather than one-in-done style malware that wasn’t able to be used across companies, across products or different sectors. And finally, what can be done about this?

The first thing is to understand your attack surface and the connections coming in and out of your network. Have an up-to-date asset inventory. On top of that, you want to have a defensible network architecture. You want to have anomaly detection so that you’re able to detect when the bad guys do get onto your network.

And finally, you want to have an incident response plan with the stakeholders that are in your supply chain that you can reach out to, to support you, as well as government contacts from CISA and the FBI that can be called upon.”

Article written by Azam Saghir.