Cyber-attacks on power infrastructure in Israel brought 2019 to a close, Energy Minister Yuval Steinitz confirmed. Steinitz shared that a “very serious cyberattack” was detected and prevented in the final months of 2019 and represented one of the more serious cyberattacks on Israeli energy facilities.
While the attack was neutralised, Steinitz said: “The disasters and calamities that can be caused by cyberattacks on nuclear reactors and power stations are beyond imagination. My understanding is that the most sensitive sector is the energy sector, for a very simple reason. If someone manages in time of war or conflict to paralyse our energy sector and our water supply chain, this is a total disaster. You can destroy the entire country, you can paralyse our ability to defend ourselves against regular military and terrorist threats.”
Yiftah Ron-Tal, chairman of the Israel Electric Corporation, confirmed that the company was subjected to some 11,000 suspected cyber events every second in 2019.
Ron-Tal, a former commander of IDF Ground Forces and chairman of Israel Ports Development & Assets Company, continues that the “IEC is probably one of the most cyber-attacked organizations in the world, but also one of the most protected.”
“These experiences led us to the following conclusions: cyber is everywhere, cyberattacks can happen everywhere or use any paths to penetrate organizations. The variety of attacks is increasing all the time and their sophistication is growing.”
In its North American Electric Cyber Threat Perspective report, security company Dragos has identified three groups which are specifically targeting power sector infrastructure.
· Xenotime, the group behind the Triton cyberattack on Saudi oil and gas facilities in 2017, has expanded its activities to North America, Europe and Australia, in addition to the Middle East.
· Dymalloy is a "highly aggressive and capable activity group" which has been active in Turkey, Europe and North America.
· Electrum is said to be "capable of developing malware that can modify electric equipment processes" and ICS protocols. Dragos has further warned that the group is capable of physically disruptive events.
"North American electric utilities should consider Electrum to be a serious threat," warns the paper.
What do you think? We’d love to hear from you.
Are we making mountains out of molehills?
· How utilities across the power, water and gas sectors come to grips with the reality of cyber threats.
· How you get C-Level and Board backing.
· What the risk profile for utilities around the globe is and whether some are more at risk than others.
· What other utilities are doing to protect themselves.
· Whether the threat is completely blown out of proportion.
· Whether you should get someone to hack you to test your defences.
Until next time!