Utility Week - authoritative, impartial and essential reading for senior people within utilities, regulators and government
Issue link: https://fhpublishing.uberflip.com/i/686319
The Topic: Infrastructure security INFRASTRUCTURE SECURITY THE TOPIC 16 | 3RD - 9TH JUNE 2016 | UTILITY WEEK What is the cyberthreat? Don't depend on your firewall to protect you from cyberattack. There are many other vectors, and some have already proved frighteningly effective against utility operations. "Attackers began a six-month assault on the Ukraine energy networks, and managed to get malware into the computer systems by sending emails to the company containing infected Microsoft Word documents" T he terms "hacking" and "cyberthreat" are both incredibly broad and cover a range of ways in which the security systems of utilities could be breached. Millions of pounds are spent creating fire- walls that are tough to break through, and research from Verizon shows that, although hacking through them is still the most com- mon way for a security breach to occur, it is not the only way that faceless cyberattackers look for a way in. The 2016 Data Breach Investigations Report by Verizon (see graph) highlights the number of other ways in which malware and other tools of cybercriminals can infiltrate what may be otherwise secure systems. It says malware, human error and the use of work equipment (such as laptops) for social use expose the network to threats. Phishing techniques, in which malware- infested emails that appear to be from genuine and trustworthy sources are used to breach the system, are one kind of attack. Casey Cole, managing director at Guru, said at Utility Week Live that this is one of the main ways in which hackers and cyber criminals can bypass firewalls. He added that carelessness or human error can lead to clicking on a link that could open up otherwise secure networks. An example of this kind of attack is thought to be the incident at RWE's Gun- dremmingen nuclear power plant, where viruses were found on office computers, 18 USB sticks and in the system used to model the movement of nuclear fuel rods. Alex Cruz Farmer, vice-president of cloud at NSFOCUS IB says: "With businesses now issuing laptops rather than the traditional desktops, and also more of the worldwide workforces taking their work home with them, we are, without knowing it, more susceptible to infection. "The saving grace here is that the Ger- man power plants were isolated from the internet, which is becoming a more popular technique for enterprises that want to pro- tect themselves." In Ukraine, this went further – with dra- matic consequences – at the end of last year. Attackers began a six-month assault on the Ukraine energy networks, and managed to get malware – known as BlackEnergy 3 – into the computer systems by sending emails to the company containing infected Microso Word documents. This enabled them to access the control system remotely – and lock out staff – before shutting off power to 225,000 people. With UK utilities prime targets for the anonymous attackers, staff vigilance is, according to Cole, one of the most important forms of protection. Informing staff of the risks that their actions and USB (and other) external devices could have, is a fundamental part of the cyberdefence strategy. NUMBER OF BREACHES PER THREAT ACTION CATEGORY OVER TIME 1,500 2005 2007 2009 2011 2013 2015 1,000 500 0 n Hacking n Malware n Social n Error n Misuse n Physical n Environmental £1.9bn The amount earmarked by the chancellor over the next five years to help protect Britain from cyberattack