Energy

Published on 01 Jul 2019

Updated on 08 Oct 2019

CyberSense is a monthly bulletin by CSA that spotlights salient cybersecurity topics, trends and technologies, based on curated articles and commentaries. CSA provides periodic updates to these bulletins when there are new developments.


OVERVIEW

As the global energy sector moves towards providing “clean energy”, operational processes will change too. With it, an opportunity to review the cybersecurity measures that need to be in place from the outset, to counter cyber-attacks on the sector. The European Union (EU) and US have taken the lead with their assessment on the “new” energy industry. The EU Industry, Research and Energy (ITRE) acknowledged in a report on the sector that the operational shift would have cybersecurity implications. The US flagged the threats to the energy sector in their Quadrennial Energy Review report.

power plant

Meanwhile, current power plants continue to be attractive targets of cyber-attacks, especially as the impact can be widespread. In December 2016, Ukraine suffered a power outage due to a cyber-attack – nearly a year later after similar blackouts in December 2015 in what is considered to be the first known successful cyber-attack on a power grid. In Taiwan, an energy company became a victim of cyber espionage. In January 2017, cyber-attacks contributed to power cuts in Turkey.

In Singapore, changes are afoot too in the energy sector as the country drives towards a smart nation. This would be a good opportune time to relook into the energy needs of local businesses to fully optimise energy management (from energy generation to demand-side management), and include intelligent energy storage systems by leveraging Internet of Things (IoTs). However, security architecture needs to be designed upfront for these IoTs so that they can be robust against cyber-attacks.

REPORTS

US GRID IN “IMMINENT DANGER” FROM CYBER-ATTACK, STUDY SAYS

The US Energy Department warned that a widespread power outage caused by a cyber-attack could undermine "critical defence infrastructure", and place at risk the health and safety of millions of citizens, according to the second volume of Quadrennial Energy Review report. The first volume was released in April 2015, which had then acknowledged that cyber threats to energy infrastructure were growing.

In the latest report, noting cyber-attacks on the energy sector in other countries like Ukraine in December 2015, it said cybersecurity is a particular concern for national and homeland security in the US. The report noted that one of the hackers’ strongest capabilities was their performance of long-term reconnaissance operations before staging a highly-synchronised, multi-stage, multi-site attack.

Read on by clicking on the story below:


CYBER SECURITY STRATEGY FOR THE ENERGY SECTOR – STUDY FOR THE ITRE COMMITTEE

In October 2016, the European Union Industry, Research and Energy (EU-ITRE) Committee commissioned a study on the EU energy infrastructure and its cybersecurity strategy. The study highlighted two key characteristics of the EU energy infrastructure, which could directly influence the development of effective cybersecurity policy: (a) Smart and decarbonised EU energy system, leading to an increased decentralisation of the system; and (b) Inconsistency across the EU on the status of smart energy system development. Ten recommendations were suggested to help realise an effective cybersecurity strategy for the energy sector in Europe.

The study comes at a time when the EU energy infrastructure is transitioning into a decentralised, digitalised smart energy system.

Read on by clicking on the story below:


HACKERS TRIGGER YET ANOTHER POWER OUTAGE IN UKRAINE

Ukraine was struck with a second power outage on 17 December 2016, which lasted for about an hour. Security researchers attributed this outage to a cyber-attack, similar to the first one that happened in December 2015, which affected 225,000 Ukrainians. In a report by Booz Allen Hamilton in October 2016, the first attack may have been a part of a long, multi-pronged campaign by an actor whose goals are aligned with Russian political interests.

Similarly, the blame for the latest attack pointed towards the same actor/s. Regardless, the events in Ukraine showed that attacks on power facilities and other critical infrastructure are gaining frequency.

Read on by clicking on the story below:


CYBERSPIES TARGET TAIWAN GOVERNMENT, ENERGY SECTOR

A fossil fuel provider in Taiwan was targeted in August 2016. This attack was considered to be part of an attack campaign, known as “Tropic Trooper”. The campaign, with espionage as a predominant motive, has been active since 2012.

Trend Micro and Palo Alto Networks found evidence of a piece of malware called “Poison Ivy”, which was delivered using spear-phishing e-mails. Researchers however could not find any evidence linking the operation to a specific actor or nation-state.

Read on by clicking on the story below:


TURKEY BLAMES SABOTAGE, CYBER-ATTACKS FROM US FOR POWER CUTS

In early January 2017, Istanbul and other parts of Turkey experienced power outages. According to the Turkish Energy Minister Berat Albayrak, one of the factors to the outages was cyber-attacks originating from the US

Trend Micro and Palo Alto Networks found evidence of a piece of malware called “Poison Ivy”, which was delivered using spear-phishing e-mails. Researchers however could not find any evidence linking the operation to a specific actor or nation-state.

In addition, Albayrak claimed that the attacks were carried out systematically, but the Energy Ministry “repelled them all”. These attacks were conducted when Turkey was hit by unusually cold weather and snowstorms. The targets appeared to be systems controlling their transmission and electricity producing lines.

Read on by clicking on the story below:


SOURCES INCLUDE: Ars Technica, Booz Allen Hamilton, European Parliament Committees, RussiaToday, SecurityWeek and United States Department of Energy