Most Utility Cyberattacks Cause Major Disruption
New data recently published by security firm Semperis paints a dire picture when it comes to utility cyberattacks. The analysis shows that more than 60% of electric and water utilities in the U.S. and the U.K. were targeted by a cyberattack within the past 12 months, and a majority of these targeted companies suffered a ‘major disruption’ as a result.
We all know that cyberthreats are on the rise, but they now seem to be reaching ridiculous levels. Let’s take a peek at what the data shows.
The Vast Scale of Utility Cyberattacks
The report, entitled The State of Critical Infrastructure Resilience, is based on a detailed survey of IT and security professionals at 350 water treatment and power plants. 62% of survey respondents indicated that they suffered a cyberattack in the past year, and a whopping 80% claimed they were attacked multiple times. And, of those that were attacked, approximately 50% said the attack caused a disruption to normal operations, and in many cases caused permanent corruption/destruction of data or systems.
One particularly interesting finding is that about 82% of known utility cyberattacks targeted “Tier 0” identity systems such as Active Directory, Entra ID and Okta. The strategy is to infiltrate the network by logging in with a legitimate user’s credentials. In theory, this could lead to a complete loss of control over the company’s network.
So, yes, it’s clearly a troubling eye-opener, but at least the report offers recommendations to promote better resilience against cyberthreats:
- Take inventory of all “Tier 0” infrastructure components to help accelerate recovery.
- Develop and maintain a best-in-class cybersecurity incident response plan, as well as system-specific incident response plans.
- Conduct exercises and drills to practice executing the cybersecurity and incident response plans.
- Focus on secure as well as speedy recovery by, for example, checking backups for signs of compromise.
There’s no doubt about it: utility cyberattacks are a major threat, and protecting against them must be a top priority for utilities in all sectors.