Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Energy sector. Show all posts

Cyber Security: A Rising Threat to Australia’s Renewable Energy Campaign

 

Australia is striving to become a more energy-efficient nation. The Australian Renewable Energy Agency recently announced a $100 million effort to research and develop solar energy technologies. Further investments in energy storage, pumped hydro, and low-carbon systems may be equally substantial. 

However, the nation must also address an underlying issue: the integration of solid IT and software foundations into the OT systems that power the grids. Without these, Australia may struggle to fully meet its renewable energy goals.

Combination of IT and OT

OT refers to software and hardware that identifies or creates changes in the enterprise by directly monitoring and controlling physical devices, processes, and events. IT refers to the use of systems, particularly computers and telecommunications, to store, retrieve, and transmit information. 

Traditionally, these two types of technology have been kept segregated and controlled separately. However, the combination of OT and IT is critical for the modernisation of energy networks. According to IBM, the integration must be effective in four areas: 

Smart meters: It detects energy usage in real time at the consumer's end, delivering comprehensive consumption patterns to both the consumer and the energy provider. 

Sensors and automation devices: These are used across the grid to monitor voltage, current, and load capacity, among other metrics. They can automatically alter parameters to avoid overloads and long-term, large-scale outages.

Communication networks: As the backbone of any smart grid, communication networks enable data transmission between diverse components such as sensors, automated devices, and control centres. Transmission systems can be wired or wireless, and can use a variety of protocols and communication technologies, including Wi-Fi, Z-Wave, Zigbee, and 4G/5G. 

Software and analytics: Smart grids generate vast volumes of data. Utility companies use complex software and analytics technologies to handle, analyse, and interpret this data. This software, and the data it gives, can assist providers in predicting demand patterns, identifying potential concerns, and optimising the distribution network. 

Cyber threats 

Australia is at serious risk of facing cyber threats via OT technology, which will have an impact on the country's renewable energy aspirations. With 82% of organisations suffering cyber attacks via OT systems, there is an increasing risk being brought into Australia's electricity grid as it digitalises.

The country is also becoming more reliant on a highly decentralised energy approach, which increases the attack surface significantly. Rooftop solar, for example, consists of solar panels installed on individual homes and businesses that are then connected to the grid via IoT devices, software, and digital technologies. This has contributed to 40% of Australia's energy being supplied by renewable sources. 

Need to increase investment 

For Australia to sustainably harness renewable energy, it must lay solid IT foundations. The Australian Energy Sector Cyber Security Framework is a positive regulatory step that builds on successful frameworks like the U.S. Department of Energy's Electricity Subsector Cybersecurity Capability Maturing Model and aligns it with Australian-specific control references like the ACSC Essential 8. 

However, the IT channel, which includes IT professionals and service providers, as well as IT experts, must bring the skills and expertise required to manage and protect integrated energy systems. This includes knowing the particular issues of OT environments as well as how to effectively implement IT solutions. This strategy can help Australia achieve a renewable energy transition that is both successful and secure against an increasing number of cyber threats.

Experts Predict AI to Create Job Opportunities in Energy Sector

 

The latest the findings from Airswift's ninth annual Global Energy Talent Index (GETI) survey show a significant shift in opinion of the impact of artificial intelligence (AI) on the employment market in the energy industry. Contrary to popular belief, more than 90% of questioned experts believe AI will increase the necessity for human skills ranging from technical proficiency to creativity and problem-solving ability. Furthermore, nearly half of respondents (46%) believe that AI deployments will lead to higher earnings.

The survey, which includes insights from 12,000 professionals in 149 countries, highlights the numerous perceived benefits of AI integration in the workplace. The predicted increase in productivity is the most important of these benefits, according to 74% of respondents. Furthermore, 60% feel that AI will improve their career prospects and job satisfaction.Notably, more than half of the participants (54%) are optimistic about improved work-life balance, noting AI's ability to streamline activities and free up more leisure time. 

AI concerns and hurdles 

Despite the general optimism, professionals raise concerns about AI's impacts in the workplace. The perceived lack of human touch associated with AI is the most common fear, according to 42% of respondents. Moreover, 33% of respondents expressed concerns about potential misuse or inadequate adoption due to insufficient training. Cybersecurity issues are also a source of conflict, with 30% expressing concern about potential vulnerabilities.

Furthermore, the survey indicates a significant gap in AI policies among workplaces. Half of the respondents say their organisations do not have AI policies, while 17% are unsure whether such regulations exist. Only 52% of respondents who acknowledge the presence of AI policy confirm coverage of critical areas such as data protection and security. 

Professionals report various challenges to widespread AI adoption, such as ambiguity about appropriate AI tools and a perceived lack of investment. Despite these limitations, the overall sentiment remains positive, with 82% of respondents believing AI has the ability to improve the energy sector.

While 82% of energy professionals are optimistic about AI's potential, substantial impediments prevent widespread deployment. Among these challenges are concerns about which AI technologies to utilise and a perceived lack of investment in AI initiatives. These constraints lead to a slower rate of AI integration in the energy sector, with only 24% of oil and gas personnel now using AI technologies in their jobs.

Sector-specific data 

The survey analyses sector-specific perceptions of AI integration. Notably, professionals in the nuclear energy sector have a particularly positive perspective, with 69% expecting AI to drive productivity gains in the next two years. In contrast, individuals in the oil and gas sector report the lowest levels of AI integration, with only 24% incorporating AI technologies into their employment.

The GETI report provides insight into how AI use is changing in the energy sector and highlights professionals' varied points of view. Though there is a lot of hope for AI's potential advantages, worries about how it may impact cybersecurity, legal frameworks, and the nature of jobs persist. In order to fully utilise the technology's potential to encourage innovation and long-term growth, the industry will need to take proactive steps to plug talent gaps, improve cybersecurity processes, and promote a culture of responsible AI adoption.

FBI Warns Energy Sectors: Chinese and Russian Hackers may Actively Target Energy Sector


According to a recent notification sent by the FBI to the energy industry changes in the global energy supply will most probably result in an increase in the number of Chinese and Russian hackers attacking significant energy infrastructure.   

The notification, released on Thursday, lists several contributing causes, including rising LNG exports from the United States, shifts in the global crude oil supply chain favoring the United States, continued Western pressure on Russia's energy supply, and China's reliance on imported oil. 

The alert, however, did not mention any particular advanced persistent threat (APT) group linked with China or Russia, nor did it cite any cybersecurity incident targeting critical infrastructure. Instead, it makes general mention of how appealing U.S. networks are to foreign hackers and cautions recipients that Chinese and Russian hackers are always looking to examine important systems and improve their capabilities to exploit vulnerabilities they find.

According to Brian Harrell, former assistant secretary for infrastructure protection at the Department of Homeland Security and now an energy sector executive, “Utilities see probing and low-level attempted attacks every day by the Russians and PRC.”

These low-profile attacks help hackers to get an insight into the important aspects of specific systems like where a target has open ports or determine potential firewall restrictions. “China doesn’t make a lot of noise, but the small localized intrusions are helping build their network attack capabilities, likely for future use[…]There’s no doubt that the energy sector is on the front lines of malicious cyber-activity right now as China preps the battlefield,” Harrell added.

As the notification suggests, Chinese hackers have exploited certain US entities by conducting “post-exploitation activity with generic reconnaissance commands using ‘live off the land’ tools.”

“Living off the land,” certainly means an attacker is exploiting tools or features that are already present in the target environment. For instance, sneaky varieties of ransomware like WannaCry and LockBit have covered their tracks and survived inside a network by using a default Windows binary, an existing piece of operating system code. 

The warning states that state-backed Chinese hackers have been targeting common vulnerabilities since 2020, in order to, “target US and allied networks and software/hardware companies to steal intellectual property and develop access into sensitive networks to include critical infrastructure, defense industrial base sectors, and private sector organizations.”

However, the FBI declined to comment on the notification.

The notification further highlights how the Russian invasion of Ukraine altered the world's energy supply chain, citing Western sanctions as a "significant driver" of recent changes in the LNG supply chain. According to the notification, the modification will probably lead to an increase in Russian hackers' targeting of the American energy sector.

In 2022, 74% of Europe’s LNG imports originated in the U.S. the notification said, noting that the US was able to meet European LNG demand. 

It also added that since 2016, Russian hackers have targeted state agencies and several US-based critical infrastructure sectors by, “staging targets networks as pivot points and malware repositories when targeting their final intended victims.”

Russia-Aligned Hackers Trying to Disrupt Canada's Energy Sector

 

The most recent threat assessment from Canada's Communications Security Establishment (CSE) reveals that non-state threat actors aligned with Russia are expected to persist in their efforts to infiltrate the country's oil and gas sector. The CSE warns that these malicious actors will likely continue their activities until the conflict in Ukraine is resolved. 

This information was disclosed on Wednesday as part of the CSE's latest threat assessment report. Further, the Communications Security Establishment (CSE), said that although non-state threat actors associated with Russia potentially lack the same level of sophistication and technical capabilities as state-sponsored actors, however, they still possess the ability to cause significant harm. The CSE emphasizes that despite any limitations, these actors should not be underestimated in terms of their potential impact. 

"We assess there is an even chance of a disruptive incident in the oil and gas sector in Canada caused by Russia-aligned actors, due to their higher tolerance for risk, the increase in their numbers and activity, as well as the number of vulnerable targets in the sector overall," CSE said in its warning report. 

According to the agency's findings, individuals aiming to disrupt Canada's oil and gas supply are primarily focused on exploiting vulnerabilities at critical points, including networks comprising wide-diameter pipelines, transfer terminals, and significant refining facilities. 

This assessment follows the release of confidential U.S. intelligence documents a few months ago, which indicated that hackers supported by Russia managed to penetrate Canada's natural gas distribution network. 

Canada, as the fourth-largest oil producer globally, boasts a substantial oil and gas sector that plays a significant role in its economy. With approximately 600,000 employees and contributing around 5% to the country's GDP, the sector holds considerable importance. 

Additionally, the Communications Security Establishment (CSE) has identified operational technology networks responsible for monitoring and controlling large-scale industrial assets as the primary target for cyber-attacks orchestrated by pro-Russian hackers. 

What makes the energy sector prone to cyber-attacks? 

According to cyber security firm Hornetsecurity, the energy sector has experienced a significant number of cyber attacks, representing at least 16% of reported incidents. The COVID-19 pandemic and the shift to remote work have contributed to an increase in attempted attacks, as reported by experts from the Edison Electric Institute, an American energy lobby group. 

George Patterson, the director of Arrowforth, a cyber security recruitment specialist based in Oxford, suggests that younger generations, who make up a significant portion of cyber hackers, perceive the energy industry as unethical. Exploiting this perception, hackers target the industry knowing that energy companies possess financial resources and are more likely to pay ransoms to ensure uninterrupted operations. 

Kristin Bryan, a senior associate at Squire Patton Boggs (UK), notes the critical nature of the energy sector and its interconnectedness with global supply chains. A cyber attack on energy companies can have far-reaching impacts, compelling affected companies to quickly pay ransoms. Additionally, companies may find it more cost-effective to pay the ransom through their cyber security insurance policy rather than undertaking expensive data recovery measures themselves.

Iran’s Atomic Energy Organization Confirms E-mail Hack

 

The Atomic Energy Organization of Iran (AEOI) has confirmed that an anonymous “foreign country” has hacked an e-mail server belonging to one of its subsidiaries and allegedly published the information online, as per reports. 

The Iranian threat actor, named ‘Black Reward’ in a statement posted on his Twitter handle says that it has released the hacked information relating to Iranian nuclear activities. The hackers describe their action as an act of support for the Iranian protesters. 

The said protests continue in Iran after the death of Mahsa Amini (22-year-old) in September, who apparently died in police custody for not following the strict Islamic dress protocol of the country. The violent protest and street violence resulted in several deaths of protesters, along with that of security force staff. Furthermore, hundreds of demonstrators have allegedly been detained. 

A statement published by the Black Reward on Saturday showing support for the protests, read “In the name of Mahsa Amini and for women, life, and freedom.”  

The hacking group threatened the Iranian state to leak the hacked documents of Tehran’s nuclear program if they would not release all the prisoners and people detained in the protests, within 24 hours. Additionally, the group demands the release of political prisoners, claiming to have leaked 50 gigabytes of internal emails, contracts and construction plans relating to the country’s Russian-sponsored nuclear power plant in Bushehr, publishing files on its Telegram channel. 

According to the statement shared by the hacking group, the released information includes “management and operational schedules of different parts of Bushehr power plant,” passport and visa details of Iran and Russia based specialists working in the power plant and “atomic development contracts and agreements with domestic and foreign partners.” 

Although the atomic energy organization’s general department of public diplomacy and information denied the relevance of the released data, stating “this move was made with the aim of attracting public attention” 

“It should be noted that the content in users’ emails contains technical messages and common and current daily exchanges […] It is obvious that the purpose of such illegal efforts, which are carried out of desperation, is to attract public attention, create media atmospheres and psychological operations, and lack any other value,” the organization confirmed.

FBI Witnesses Rising Russian Hacker Interest in US Energy Firms

 

Since the outbreak of Russia's war against Ukraine, the FBI has detected an uptick in Russian hackers' interest in energy firms, though it gives no evidence that a specific attack is planned. 

According to an FBI advisory received by The Associated Press on Tuesday, Russian hackers have assessed at least five energy businesses and at least 18 other companies in sectors such as military and financial services for vulnerabilities. None of the companies is identified in the advisory. 

Scanning a network for vulnerabilities or flaws is widespread, and it does not always mean that an assault is on the way, though it can be a sign of one. Nonetheless, the FBI's Friday warning highlights the Biden administration's increased cybersecurity concerns as a result of Russia's war in Ukraine. The White House said on Monday that there was "evolving intelligence" suggesting Russia was planning cyberattacks against critical infrastructure in the United States. 

At a White House press briefing, Anne Neuberger, the White House's deputy national security advisor for cyber and emerging technologies, expressed disappointment that some critical infrastructure firms have failed to repair known software vulnerabilities that Russian hackers may exploit. The FBI advisory lists 140 internet protocol, or IP addresses it claims have been linked to critical infrastructure scans in the United States since at least March 2021. 

According to the alert, scanning has grown since the beginning of the war last month, leading to a greater likelihood of future incursions. The FBI acknowledges that scanning activity is frequent, but the IP addresses have been linked to the active exploitation of a foreign victim, which resulted in the victim's systems being destroyed, according to the advisory.

Mobile Phishing Attacks Surge, Researchers Warn Energy Sectors

 

There has been seen a surge in cyberattacks, threat actors are extensively going after mobile phishing attacks and victimizing the energy sectors, pharmaceuticals industries, government entities, and finance departments by targeting workers with phishing and malware campaigns designed to take advantage of potential security vulnerabilities in smartphones and tablets. 

Recently, a report has been published by cybersecurity researchers at Lookout in which they warned energy sectors against cybercrimes. According to the report, there has been a great surge from 2020 (161%) in mobile phishing attacks targeting the energy sectors. Threat actors strive to break into networks used to provide services including gas and electricity. 

Cyber attacks through mobile phishing against energy sectors globally account for around 17% which is higher than other sectors including finance, pharmaceuticals, government, and manufacturing. Notably, these independent cyber criminals are not the only threat against energy sectors, state-backed threat actors are also targeting networks of energy providers.

"The energy industry is directly related to the wellbeing and safety of citizens, globally," Stephen Banda, senior manager of security solutions at Lookout, reported.

"Threat actors know that mobile devices aren't usually secured in the same way as computers. For this reason, mobile phishing has become one of the primary ways threat actors get into corporate infrastructure," said Banda. 

"By launching phishing attacks that mimic the context that the recipient expects, attackers are able to direct a user to a fake webpage that mimics a familiar application login page. Without thinking, the user provides credentials and data has been stolen," he added. 

Phishing emails and malware become more difficult to notice in smartphones and tablets because the smaller screen provides very few opportunities while smartphones and tablets might not be secured as comprehensively as laptops and desktop PCs, it creates opportunities for attackers to compromise networks. 

 "The majority of attacks start with phishing, and mobile presents a multitude of attack pathways. An anti-phishing solution must block any communication from known phishing sites on mobile devices — including SMS, apps, social platforms, and email," said Banda.