Cyber risks have grown along with the digital and technological revolution sweeping through the energy sector.

Cyber risks have grown along with the digital and technological revolution sweeping through the energy sector. Broadly, this plays out in two ways:  First, existing “brownfield” assets like gas turbines, pipeline compressors and electric substations (previously operated by isolated software programs or analogue controls) are now being digitised and connected to broader networks. Second, digitally-native energy assets such as renewable power generation, smart-grid technologies, and EV charging stations, are being deployed at break-neck speed.

While both retrofitted and new assets are indispensable in future energy generation and distribution systems, the digitalisation of the energy sector also brings about emergent and elevated cybersecurity risks which organisations must learn to manage effectively.

Cyberattacks on energy systems can destabilise the electric grid and risk the breach of sensitive data relating to energy generation, transmission and distribution. These attacks not only have the potential to cripple the economy, but also have a devastating and destabilizing impact on the society due to the nature of it being part of a country’s critical infrastructure. For instance – the high-profile case of the 2021 Colonial Pipeline ransomware attack resulted in panic-buying of fuel, which led to gas shortages and skyrocketed gas prices. The disruption of the supply chain also impacted critical services such as transportation and emergency response services. 

When it comes to keeping the lights on, factories running, and vehicles refuelled or recharged, cybersecurity cannot be taken lightly.

Ripe for chaos

The energy industry is an attractive target for cyberattacks for a number of reasons. Simple exploits on the dark web are easily accessible to malicious actors from as low as $16.99, with the potential to cause extraordinary damage to daily operations to the tune of millions of dollars. However, malicious actors are not limited to just cyber criminals seeking financial gain. Attackers also include state and non-state actors seeking to use energy and critical infrastructure as a pawn in broader geo-political or adversarial conflict.

Due to its complex and distributed infrastructure, the energy sector has a large ‘surface area for attack’. The rapid rate of digitalisation and decentralisation with the deployment of wind, solar, smart meters, EVs and other distributed infrastructure expands the already-large and ever-growing surface area for attack. With the energy sector considered a late digital adopter, there is a relative lack of cybersecurity expertise. These factors culminate into the perfect storm for the energy industry, providing the opportunity for cyber attackers to create chaos.

Leo Simonovich, Global Head, Industrial Cyber and Digital Security, Siemens Energy

Illuminating the vulnerabilities

Traditionally, industrial cybersecurity approaches have relied on air-gapping assets in the operating environment and securing them behind physical and digital barriers. However, this approach is no longer sufficient, as cyber threats have become increasingly sophisticated and can penetrate these barriers undetected.

Achieving a future built on smart infrastructure depends on increasing cybersecurity industry-wide and in every link of the value chain. As energy companies face an increasing onslaught of cyberthreats, it is imperative that they adopt a proactive approach to cybersecurity to mitigate the risks.

With the recent launch of the Siemens Energy Cybersecurity Operations Center (cSOC) Asia Pacific, the built-for-purpose facility is engineered to provide monitoring, detection, and timely crisis support to secure businesses’ operating environment round the clock and end ensure operational continuity. Powered by Managed Detection Response (MDR) technology that is integrated with artificial intelligence (AI) capabilities, the center helps organisations transform vast amounts of data into actionable intelligence, with the intent to illuminate and empower swift action by providing the context and visibility.

With such a system, cybersecurity teams will be able to detect anomalies but also determine whether an attack is in progress, assess its operational impact, and respond quickly and proportionately to resolve the attack with minimal disruption. By adopting a purpose-built industrial monitoring system, energy companies can fight cyberattacks with eyes wide open and reduce their exposure to significant risks.

Bolstering cyber resiliency of energy systems with technology

As cyber attackers adopt more sophisticated techniques and technologies into their arsenal, organisations looking to secure their OT systems will need remain one, two, or even ten steps ahead. Cybersecurity is a resource-intensive endeavour, and mounting pressure on IT budgets, technical capabilities and manpower to monitor cyberthreats 24/7 ironically puts cybersecurity at risk of being an afterthought.

Slowly but surely, the energy sector continues to experience rapid digital transformation. It is essential to prioritise cybersecurity measures to ensure the integrity and resilience of critical infrastructure. Ultimately, the end-goal of achieving the energy transition can only happen on the back of a robust and resilient cybersecurity foundation.