Perhaps more Americans would take cybersecurity threats seriously if they resulted in disruptions to their Netflix streaming and prevented them from taking hot showers. A lot of the activities we take for granted, including making a coffee in the morning and watching TV in the evenings, are powered by the energy industry. The nation’s power grid not only powers much of our in-house technology, it also props up emergency services, the healthcare system, the education system and more.
As the nation relies to heavily on the energy industry, it is a prime target for cyberattacks. We have seen, over the last few years, major disruptions to Ukraine’s power grid, attacks on the electricity grids in major European countries and the first attack on the U.S power grid – all down to cyberattacks.
The Threat to the U.S Energy Industry
Earlier in 2019, Los Angeles Country and Salt Lake County experienced interruptions with their electrical grid operations. The cause of this disruption was determined to be a Distributed Denial of Service attack (DDoS) on March 5.
Thankfully, with this attack, customers were not affected by the disruption, as the attack focussed on the utility’s supervisory control and data acquisition (SCADA) system. Investigators have speculated that the attackers may not have even known they were targeting a power utility, and if they had, they could have done some real damage to consumers.
Regardless of whether consumers were affected in this particular attack, any disruption to energy utilities is concerning, particularly when it comes as a result of a cyberattack. Americans need to take notice of the importance of proper security controls, processes and practices to help prevent costly and potentially life-threatening disruptions.
The Larger Problem
The attack in March is symptomatic of a larger problem that doesn’t just exist in the energy industry. Organizations across all industries have still not taken the necessary steps to secure themselves against internal and external threats.
Compliance requirements have helped build a framework for security that organizations can look to, but just because you are compliant doesn’t mean that you are secure. Many organizations are not running risk assessments regularly enough, or they believe that the purchase of a data security solution alone will solve all their problems.
As much as anything, data security is a mindset that must be fostered within all levels of an organization. We can only begin to truly keep our infrastructure and data secure if we approach every task with security at the forefront of the conversation. This is often referred to as “Security by Design” or “Privacy by Design”.
How to Protect Critical Infrastructure
Traditionally, organizations in the energy sector have looked to deploy siloed security solutions and enforce strict policies and procedures without context. This has not historically been very successful and there are better ways to ensure the security of critical infrastructure and data.
There are essentially four things you can do to ensure that critical infrastructure is not left exposed and at risk of cyberattacks:
- Make it harder for attackers to get into systems by tightening up access controls and identifying and monitoring those users who already have access to your key systems.
- Spot anomalous user behavior when it comes to accessing your systems, such as unusual logging in patterns or any deviation from the “norm”. This will help you spot the signs of a cyberattack sooner.
- Encrypt your data so that in the event of a cyberattack, the attackers cannot actually get their hands on anything important.
- Make sure that the reasons behind any security policies and practices (such as password rotation) are fully explained to the people they apply to. If your employees know the context behind such policies, and the threats associated with circumventing them, they are more likely to follow them.
If you would like an easier way to analyze user behaviour and spot anomalies, you will likely need the help of a Data Security Platform that audits, monitors and alerts on any user interaction with your systems and data. Schedule a demo of LepideAuditor today to see how our platform can help you secure your critical infrastructure and data.