The power system that millions of homes and businesses rely on is particularly susceptible to cyberattacks, says Deloitte.
Cyberattacks most frequently target the power sector and the attacks are becoming only more frequent and complex. In 2016, the U.S. sector reported 59 incidents—the third most-attacked sector behind critical manufacturing and communications. Europe, Japan and Australia reported similar results.
“If the power went out across a large region for an extended period, highly dependent systems—such as financial, communications, transportation, water, and sewer networks—would be severely impacted,” according to the report.
Internal threats usually include human error, disgruntled employees or unscrupulous contractors. But nation-states and organized crime are also becoming more active—and they could be teaming up: analysts suspect nation-state actors are enlisting organized crime groups to do their dirty work for them.
The most common form of cyberattack is the phishing attempt. Other types of attack include credential theft, denial of service, remote access trojans and “watering hole” attempts.
To their credit, power companies were among the first to respond to growing cyber risks, instituting mandatory cybersecurity measures across the industry in 2007. However, the industry is becoming increasingly modernized—and digitized—leading to an increased reliance on third-party operators, and a global supply network, to keep the lights on.
“With increasingly complex global supply chains, power companies will need to identify and map threats across the extended enterprise,” says Paul Zonneveld, Global Energy and Resources Risk Advisory leader at Deloitte.
Power utilities face challenges in containing cyber threats in that environment. First, they need to establish heightened accountability across a cyber supply chain that can often be ill-defined. They must understand the cybersecurity processes of their suppliers and ensure that supplier products and services comply with industry standards.
Second, as the industry faces pressure to move to the cloud, power suppliers need to ensure their data is being uploaded to trustworthy service providers. As with the first point, they need to actively engage with their cloud service suppliers to reinforce trust and reliability.
Third, implementing heightened cybersecurity preparedness requires expert staff—and many companies simply do not have the workforce to keep up with evolving threats.
Encouragingly, while cyberattacks are on the rise, so are the defense measures. “New tools are increasingly available, and the capability to monitor networks in real time, discover threats, and address them is advancing rapidly—providing needed protection for the industry at large,” said Zonneveld.
Read more about responses to cybersecurity threats at Is Data Centricity the New Frontier in Cybersecurity?