Is Enough Being Done To Protect North America’s Energy Infrastructure From Cybercriminals?
More than one-third of the hacking groups that are monitored by a leading cybersecurity firm has expressed interest in North America’s electricity industry. But it’s not just electric firms that should be on the guard: the country’s entire energy infrastructure is under attack by cybercriminals, as was demonstrated by the recent Ryuk ransomware attacks on multiple gas and oil firms. But just how much of a role does internet security have on stopping these attacks, and can more be done to stop them?
The Ryuk attacks that have struck the energy industry have involved phishing emails being sent to workers containing a malicious link. When the link was clicked, it would lock users out of IT files and spread to the organization’s monitoring systems, thus compromising critical data. Mexico-based oil firm Pemex’s cyberattack forced all employees to disconnect from the internet, which then allowed the Ryuk ransomware to take control of multiple systems, including its payments system. Companies that fall foul to Ryuk’s ways are typically sent a ransom demand that they must pay if they want access back to their systems. Reports confirm that the average ransom requested by Ryuk is $377,000.
In 2018, it was revealed that the U.S. Department of Energy was handing over $28 million to be used for the development of cybersecurity tools and technology to help protect energy organizations. It’s crucial that this work is carried out, as Ryuk’s ransomware is so advanced that it’s capable of modifying itself to suit the IT systems of the organization that it’s targeting. The good news is that cybersecurity firms have been effective at stopping malicious ransomware from spreading in the past. But to do this, a solid cybersecurity platform that monitors a company’s IT systems around the clock is a must. CoreTech confirms the importance of this, and strongly suggests integrating “end-to-end security for safer networks, data storage, and communication tools.”
Better cybersecurity needed
The sophisticated methods that Ryuk and similar cyber attackers use means that standard cybersecurity isn’t enough. All businesses within the electricity, gas and oil industries must have active network monitoring in place. In addition, regular system backups must be made, but only the ones made when an organization’s systems weren’t under attack can be relied on. One unnamed Ryuk victim implemented their backup system after being targeted, only to find that it too was infected, as they’d quietly been under attack from Ryuk for months.
Ransomware attacks are becoming increasingly common in the energy sector. Although the reason for this isn’t clear, it doesn’t take away from the fact that these businesses must look at their current levels of internet security and find ways to improve it now.