Digital attackers are increasingly targeting energy organizations including those that support national electric grids. As reported by Morning Consult, security researchers found that utilities worldwide had suffered a recorded 1,780 distributed denial-of-service (DDoS) attacks between June 15 and August 21, 2020. That’s a 595% year-over-year increase.

Brandon Robinson, a partner at Balch & Bingham LLP, said that these research findings highlight how malicious actors of varying motivations continue to prey upon utilities entities.

“Whether one’s motivation is to do financial, economic, national security or industry harm, critical infrastructure such as the electric grid can be a natural target for such cyberattackers,” he said, as quoted by Morning Consult.

The Cyber Threat Situation in Canada

The Canadian Centre for Cyber Security (the Cyber Centre) recognizes how the information systems responsible for upholding Canada’s national electric infrastructure are subject to the above-mentioned threats. That explains why the Cyber Centre released its “Cyber Threat Bulletin: The Cyber Threat to Canada’s Electricity Sector.” This publication yields four key insights into the state of digital security for Canada’s energy sector.

Insight #1: Fraud and Ransomware Abound

According to the Cyber Centre, most of the observed digital threat attempts against Canada’s electrical organizations have involved ransomware and fraud. The latter attack category has included stealing sensitive information pertaining to a victim organization’s business operations as well as to its customers.

Looking ahead, the Cyber Centre expect that these types of threat activities will continue. Part of the reason for this prediction is the Cyber Centre’s assessment that ransomware actors are continuing to hone their creations’ abilities to spread across IT networks and infiltrate Industrial Control Systems (ICS). Acknowledging that development, the government program forecasted that digital criminals would be capable of targeting Canadian electrical ICS for extortion within the next three years.

Insight (Read more...)