It is the most important industry in the world.
Without it, nothing works.
Without the oil producers and refiners, theres no petrol to fuel our cars.
Without power plans and the supporting infrastructure, theres no electricity to keep the lights on.
Without natural gas pipelines, theres nothing to heat our homes with.
Put simply, energy is foundational to our entire economy.
Its for that reason, and that reason alone, why it presents such a tempting target for hackers.
Incidents tend to coincide with external factors, be they the price of oil, or specific geopolitical trends.
It highlights several actors that reportedly have targeted companies working in the energy sector.
One of these, APT33, is believed to have intimate links with the Iranian government.
It’s free, every week, in your inbox.
The report doesnt definitively draw a link between these events.
Its worth remembering that IT works a little differently in the energy industry.
In a normal business environment, insecure assets are readily replaced with ones perceived to be more secure.
Its unlikely theyll be replaced purely on the grounds of security.
This is especially true while energy companies are feeling squeezed on the back of rising raw-material prices.
Apparently, this has larger implications than the price you pay at the pump.
Theyre often eager to c’mon.
Unlike security professionals, theyre not pathologically suspicious.
Theyd rather be polite and accommodating than vigilant and questioning.
This isnt necessarily a fault, but just how society conditions people to behave.
Social engineering is also often the easiest avenue into a company.
Stuxnet, although brilliant, was an expensive attack.
It required a lot of sophistication, both in terms of its creation, but also in its deployment.
Addressing the social element of security has frustrated infosec professionals for years.
Its not a technical problem, which can be resolved by patching systems or changing default tweaks.
Thats easier said than done.
It paints a troubling picture of insecurity in the energy industry.
Almost all economic activity is based on the presumption of a constant and reliable supply of fuel and electricity.
When it comes to this, the ball is very much in the court of the energy industry.
TNW Conference 2019 is coming!
