Soaring energy prices and increased geopolitical tensions confronted us with many open questions regarding European energy security. The current world is deeply interconnected, especially when it comes to energy supplies and the global energy trade.
Maintaining complex, but reliable business and nation-state relationships is critical to ensuring an uninterrupted functioning of the energy supply chain. Yet the crisis in Ukraine and the consequences of various economic sanctions in European and global energy markets show that these often-durable relations can be broken, and that countries need to rethink how much energy they generate themselves, where they buy energy and how do they protect production, transmission, and distribution from the ever-increasing risk of cyberattacks.
Even before this, governments faced many cyberthreats from organised criminal groups, which have been increasingly willing to work together towards a common goal. Just witness the close cooperation in the recent years between sophisticated ransomware groups that used botnet access to target victim industries and organisations. Unfortunately, governments and industry are not always so willing to work together defensively.
In this digital age, where a near-unlimited supply of energy, especially electricity, is fundamental to the normal functioning of society, it is crucial to ensure we can not only meet our energy needs, but also guarantee that it is transported and distributed safely. So, talking about energy and energy security is increasingly a matter of cybersecurity.
However, the current climate should also highlight the need for governments, institutions, and businesses to examine the state of cyber and digital security across the energy supply chain. We must collectively recognise that computing at a global scale is massively energy-intensive, and that many popular digital technologies sit at the top end of energy-intense operations. While the EU has been focusing on renewable energies for its green transition, another potentially large source, nuclear energy, has been unpopular for the past few decades, but that too might be changing.
In February 2022, French President, Emmanuel Macron announced that France will build at least six new nuclear reactors by 2050. Most of Ireland’s electricity comes from oil and a gas pipeline that originates in Russia, Ireland’s wind, solar, hydro, biofuel, etc are still in their early stages, while none of its power comes from nuclear energy. Although some see it as a “zero-emission clean energy source”, the technology’s use for electricity generation is banned in Ireland.
Ensuring the safety of our electrical grid is just as important as making sure we can deliver the energy we need, mainly when we consider that development is now increasingly dependent on automation, largely driven by IT. “In little over a decade, cybersecurity has been transformed from a primarily technical domain centred on securing networks and technology to a major strategic topic of global importance,” notes the World Economic Forum. Today, the world is concerned about attacks against nations’ critical infrastructure systems, with recent history offering several examples of such damaging attacks. Generation, and transmission and distribution (T&D) are reliant on industrial control software like supervisory control and data acquisition (SCADA) and increasingly the internet, which in the digital age is now a part of critical infrastructure itself. We have a few examples already of what can go wrong when systems offer vulnerabilities.
“In this digital age, where a near-unlimited supply of energy, especially electricity, is fundamental to the normal functioning of society, it is crucial to ensure we can not only meet our energy needs, but also guarantee that it is transported and distributed safely.”
In 2010, a malicious computer worm called Stuxnet was deployed against Iran’s nuclear energy program, targeting SCADA systems to damage their uranium enrichment process. The deployment of this cyberweapon set the stage for the direct disruption of industrial processes. In November 2015, ESET investigated a set of unique cyberattacks targeting Ukrainian news media companies with destructive KillDisk malware that made systems unbootable. This campaign was followed in December of that year with another KillDisk variant delivered to electricity distribution companies that contained functionality to sabotage specific industrial control systems. The cyberattack operators caused a 4-6-hour power outage for around 230,000 people in Ukraine on 23 December 2015. This was the first time in history that a cyberattack was known to disrupt an electrical distribution system. A year on, ESET telemetry picked up new malware named Industroyer. ESET researchers discovered that Industroyer could affect several industrial communication protocols that are used worldwide in critical infrastructure systems for power supply, transportation control, water, and gas.
Before the Ukraine crisis, we had already seen increased activity and capability by ransomware groups and state actors targeting critical national infrastructure and its supply chain for extortion, disruption, and cyberespionage. Despite all difficulties, we can see some efforts being made, as policymakers are now more engaged on working with the scientific community on climate change and with cybersecurity specialists to ensure that progress continues for the generations to come.
Technology has allowed us to automate processes that contributed to the development and progress of humankind. The goal is to change behaviours through improved education about where the key cyber-risks lie and what simple best practices can be learned to mitigate them. Events like last summer’s Colonial Pipeline ransomware attack in the US keep reminding us of the urgency to improve our response capability. It is important to keep in mind that ransomware and other cyberthreats to energy grids and other critical infrastructure are a danger that can be avoided with proper measures and willingness to implement them.
T: 053 914 6600