In February 2018, the United States Department of Energy established the new Office of Cybersecurity, Energy Security and Emergency Response (CESER), focused on cybersecurity, energy security and emergency response with $96 million in government funding – and not a moment too soon. One month later, the Federal Bureau of Investigation and the Department of Homeland Security issued an alert alleging that Russian hackers mounted a methodical, long-term campaign to infiltrate and surveil critical US energy and utility infrastructure. Hackers were able to regularly access workstations and servers on corporate networks that contained critical data from control systems within power plants.
The accompanying technical alert from the US Computer Energy Readiness Team (CERT) is even more alarming, in that it associated with “Dragonfly” – a campaign that security firm Symantec warned about six months prior. The group Dragonfly 2.0 has been operating on and off since 2011, and the ingenuity of its hackers is terrifying. The CERT report warned that hackers “downloaded a small photo from a publicly accessible human resources page,” and then were able to examine the high-resolution image to show “control systems equipment models and status information in the background.” In today’s world, a seemingly innocuous photo of an employee on a company website is suddenly fodder for a cyberattack.
These hackers are smart – and the energy and utility industry needs to be smarter. To that end, for the last four years, the North American Electric Reliability Corporation (NERC) has hosted a grid security exercise, GridEx, which consists of a two-day exercise scenario with an executive tabletop for senior industry executives and government officials. These exercises give stakeholders the opportunity to respond to simulated cyber and physical attacks that affect the reliable operation of the grid. In its report – identifying recommendations and lesson learned – NERC repeatedly stressed the importance of increased coordination and communication, placing the most emphasis on “enhancing reliability coordinator communication” and “increasing communications resilience.” In fact, communication is commonly listed as the number one issue when it comes to incident response post-mortems.
The challenge, of course, is to increase coordination and communication without increasing risk or vulnerability. The threat factors that the FBI and DHS identified were incredibly effective in their use of a spear-fishing campaign, using email attachments to leverage legitimate Microsoft Office functions for retrieving documents from remote servers. In April, unidentified hackers infiltrated a communications platform run by Energy Services Group LLC, which is used all over the country for power transactions, causing at least five US pipeline companies to shut their communications systems down for days. This latest attack is the perfect example of how the alleged Russian hackers leveraged the sprawling nature and dynamic relationships specific to the energy and utility industry. Their campaign targeted trusted third-parties in order to use their networks as pivot points and malware repositories for targeting their ultimate victims. Secure coordination and communication is a must across all stakeholders, from government officials, industry councils, third-party suppliers, to consumers and more.
Vaporstream Secure Messaging Platform for Energy addresses cyberattacks by providing a separate, confidential and secure communication channel when an attack occurs. Vaporstream goes beyond simple encryption of text to eliminate data leaks and ensures communications can continue – undetected and uncompromised – outside of your network, keeping bad actors “out of the know.” With secure, ephemeral and compliant messaging, Vaporstream is uniquely suited to support the energy and utility industry’s increased focus on improving coordination and communication with both industry and government stakeholders, improving vigilance, agility and readiness.
To find out more about the Vaporstream Secure Messaging Platform for Energy and how we help Energy and Utilities with secure communication download our latest white paper Secure Crisis Communications: Changing the Game in Energy and Utilities, or contact us to speak with a Vaporstream expert.
*** This is a Security Bloggers Network syndicated blog from Vaporstream authored by Emily Rochester. Read the original post at: https://www.vaporstream.com/blog/energy-industry-under-attack/