by Anastasios Arampatzis
The Energy and Utilities sector is undoubtedly vital for human activity and, at the same time, so fragile and vulnerable against cyber threats. The evolution of almost every aspect of human life is the result of energy usage. Imagine a world with no commercial power.
How would our lives be, if we were forced to live a few days without electricity?
What about the factories and the households?
The nuclear power plants, the refineries, and the biochemical industry?
No doubt, we are all heavily dependent on the energy sector, and even the thought of a malfunction for a short period of time is nightmarish.
As the energy sector becomes more and more network-based, cyber-enabled, and internet-exposed, its vulnerabilities against high skilled cyber criminals and cyber attacks are increased. The countries develop strategies and shape defenses to protect their critical energy entities. Measures are taken to enhance their cybersecurity capabilities. The EU defines them as Operators of Essential Services (OES) in the NIS Directive; on the other side of the Atlantic Ocean, USA and Canada have founded for the same reason the North American Electric Reliability Corporation (NERC) and established the Critical Infrastructure Protection (CIP) standards.
The energy sector is at risk
The world has realized that the stake to risk the cyber security of the energy operators is really high, especially after the two recent cyberattacks. The first one hit the USA. On April 29, 2021, Colonial Pipeline, the largest pipeline in the USA that carries gasoline and jet fuel to the Southeastern United States, suffered a ransomware attack initiated by a single compromised password, which took down the system managing the whole pipeline.
The second one hit Europe twice. Less than a year after the Colonial Pipeline attack, on January 29, 2022, a fuel-supply network in Europe felt the consequences of a cyberattack. The attack targeted two leading oil traders and fuel distributors in Germany, Oiltanking GmbH and Mabanaft GmbH. The breach of their IT systems affected the terminals in the European oil-trading hub. The result: oil producers, such as Shell, rerouted their oil supplies to other stations and the distributors declared force majeure on supplies. A week after another ransomware occurred. This time the cybercriminals attacked several major oil port terminals and organizations in the Netherlands, Belgium, and Germany.