Why a single cyberattack could mean lights out for the energy sector
We’ve talked before about the inherent vulnerability of the key parts of our infrastructure as Australia continues to digitise. The highly interconnected nature of modern industrial infrastructure, combined with the mixed use of legacy and modern technology in these networks, poses clear cybersecurity risks.
And the threats are only growing bigger. Cyberattackers are using more sophisticated tools and tactics every day, and the energy sector is an especially attractive target, given its critical role in modern infrastructure.
Awareness is growing, but change is slow
The cyberattacks on Ukrainian power stations in 2015 and 2016 affected more than 200,000 customers and showed just how much damage hackers can cause.
In 2016, Australia’s Chief Scientist Alan Finkel released a review into the future security of the national electricity market and recommended that stronger security measures be put in place. While there has been some progress on that front, we still have a long way to go to make our energy infrastructure cyber resilient.
The threats looming over our critical infrastructure continue to grow, and so does awareness of them, but many players in the Australian energy sector still see cybersecurity as a sunk investment that is prohibitively expensive. Even if a top-to-bottom cybersecurity overhaul isn’t practical, there are still several cost-effective ways of improving security, including email security and threat monitoring.
While individual energy organisations are putting some cybersecurity measures in place, there needs to be a baseline cybersecurity requirement to ensure the network stays secure. Government intervention will most likely be needed for this to happen, but as it stands, individual energy companies need to evaluate their security priorities and implement them on their own. Luckily, a cybersecurity upgrade doesn’t need to be a massive investment.
What energy companies can do to bolster their cybersecurity
In an ideal world, every energy organisation would have the budgets and capability to fully overhaul their cybersecurity measures from the ground up. But we don’t need to aim for ‘perfect’ here. A few basic measures can reap big dividends and dramatically reduce the risk of becoming a target of an attack.
1. Keep software patched and updated
Even the most modern and hi-tech organisations stuff this one up. Many attacks exploit vulnerabilities in outdated software, so make sure your organisation uses up-to-date software, and regularly check for and install any updates and patches. Don’t forget to retire software that’s reached the end of its service life.
2. Check permissions and application controls
You wouldn’t let just anyone log on to your critical systems, would you? Make sure you have the right permissions and logins set up on your key systems and devices. Organisations can greatly improve the cyber resilience of their operating environment by moving from the old-school antivirus approach (which looks for already-known threats) to an application control approach, which only allows authenticated users to access sensitive data and denies access to anyone else.
3. Train your people
Human error is still the biggest cause of cyber breaches. Make sure your people practise responsible cyber-behaviour and have a good understanding of what they should and shouldn’t be doing when it comes to security. Cyber resilience is a team sport, and it’s important for everyone in the organisation to play their part. Luckily, awareness training has come a long way and is no longer like the long-winded, stuffy lectures you’re thinking about. In fact, it can be a lot of fun.
To ensure the uninterrupted supply of power to all Australians, it is more important than ever that Australia’s energy operators stay resilient against current and future cyber risks. Any initiatives that reduce cyber risk, even modest ones, can be the deciding factor between a temporary setback and catastrophic failure for our energy network.