Ed’s note: Holding critical infrastructure to ransom(ware)


The global pandemic has been good for cybercriminals. There has been a significant increase in attempted and successful attacks since the beginning of 2020 – what’s behind the increase?

The FBI has reported that the number of complaints about cyberattacks to their Cyber Division is up to as many as 4,000 a day. The World Health Organisation has said that efforts against their staff has increased fivefold. Interpol has said it has seen a shift away from smaller businesses and individuals to attacks targetting large corporations, governments and critical infrastructure.

Related news:
Ed’s Note: Cybercrime won’t abate – what are you doing about…
Utilities need to rev up their cybersecurity focus
Webinar recording: The Protected Plant: Assessing cybersecurity risk and building your…

As remote working as continued, criminals are taking advantage of the increased vulnerabilities – stealing data and utilising ransomware to extort money.

Utilities have not been exempt from the impacts either. In fact, it has been reported that utilities worldwide were subject to 1,780 distributed denial-of-service (DDoS)* attacks in the period 15 June – 21 August. This is a 595% increase in year-on-year attacks. In fact, the list of utilities or power sector related organisations which have been subjected to attacks in 2020 include:

  • In February, an unnamed natural gas facility in the United States was hit by a ransomware attack, shutting it down for two days.
  • In April, European utility giant EDP was the focus of a cyberattack and is facing a €10 million ($11 million) ransomware demand.
  • Also in April, several attempts were made against water utilities in Israel. The aim, it is believed, was to disrupt water supply in that country.
  • And again in April, the European Network of Transmission System Operators for Electricity (ENTSO-E) fell victim of a cyberattack.
  • In May, the grid data system for the United Kingdom was hacked but system operations remained unaffected.
  • In May, the Canadian distribution company for Wasaga Beach was the victim of a hack. It is believed to have been an attempt to extort funds from the utility.
  • In June, Enel, the multinational energy utility, was the victim of a ransomware attack

Attacks on utilities – both ransomware and DDoS attacks – are on the increase, although there has been an increase in other types of disruptive attacks as well. Many appear to be as a result of state-sponsored groups where the objective is likely to disrupt supply and create as much inconvenience as possible.

The thing is, the shutdown and shift to remote working seems to have created a ‘perfect storm’ of sorts and it is reported that the number of attacks in 2020 thus far is double the number of attacks in 2019.

As workers start returning – albeit slowly – to offices around the world – are the attempts going to slow down or have we inadvertently opened a digital Pandora’s Box of sorts? Will a more open approach to remote working mean a rethink of enterprise and operational security requirements?

Have you seen an increase in attempts to infiltrate your utility critical infrastructure, or an increase in phishing emails? What have you been doing during this time of remote work to ensure your employees are keeping themselves cyber secure and protecting not only their own but your consumers’ data? Do you believe we are seeing this increase in attempted attacks only due to the COVID-19 pandemic? Are you prepared for and constantly monitoring against intrusions?

We’d love to hear your thoughts on these questions – and others which may have piqued your interest. You can either email us at editorial@smart-energy.com or check our LinkedIn post.

Wishing you a safe and (cyber) secure week

Until next time!

*A DDoS attack uses multiple platforms in an attempt to flood a target’s system and render it unavailable, often through repeating a request or ping to such a degree that a target — in this case a utility — is overwhelmed.