How Does Energy Fare Abroad?
The UK, Japan, and Australia are some nations that have suffered huge losses due to cyber breaches. Energy is a growing international issue with political interests backing the attacks. One growing threat is the industrial control system (ICS) asset attack which has been reported to be coordinated by nation-states or organized crime.
ICS attacks are especially dangerous as they cause both cyber and physical damage. The 2017 Trisis/Triton attack on the safety systems at a Saudi Arabian petrochemical plant was meant to shut down the plant, steal data, and trigger an explosion. Since international energy systems mirror the same supply chain vulnerabilities and a high number of interdependencies, it is worthwhile to learn more about different approaches to prevent such dangerous attacks.
Since the Triton attack, NIST and the National Cybersecurity Center of Excellence (NCCoE), have developed NIST SP 1800-23, Energy Sector Asset Management. This special publication will provide methods for monitoring and safeguarding ICS assets and threats to OT infrastructure.
There is value in understanding how competitors and different governing bodies manage this sector. Energy companies are complexly organized as they depend on many different equipment manufacturers, sector partners, and third-party virtual systems to function. If companies receive equipment from global partners and risk is identified in the equipment, cybercriminals can exploit these gaps on a global scale. Regulatory bodies need to collaborate with each other on manufacturing and security guidelines.
An information-sharing network like the E-ISAC gives vetted energy companies in the US, Canada, and parts of Mexico the ability to convey emerging threat information, security standards, best practices, and foster better communication between businesses and their government. Particularly in the US, all registered NERC utilities must comply with Reliability Standard CIP-008-06 and report to the E-ISAC. Network members can receive physical security and cybersecurity bulletins, real-time IT updates, best practices, and situational awareness of threats.