Rising energy prices and rising geopolitical tensions during Russia’s occupation of Ukraine brought energy security to the forefront in Europe and the world. ESET has drawn attention to the increasing risk of cyber attacks in the process from production to distribution of energy.
Social sensitivities, especially climate change, are increasing in the world. In order to make the livable world sustainable, studies on alternative energy sources continue. Countries are trying to increase their share of energy production by using renewable energy resources more efficiently. For Hümedollarser, providing energy security is as important as obtaining clean energy.
The world appears to be deeply interconnected, especially when it comes to energy supply and global energy trade. Maintaining complex but reliable business and nation-state relations is a priority to ensure the smooth and continuous functioning of the energy supply chain. The crisis in Ukraine, the knock-on effect of the crisis on the European and global energy markets, these often long-term relationships could deteriorate and countries need to rethink how much energy they produce, where they buy and produce energy, and how they protect the transmission and distribution of energy from the growing risk of cyberattacks. is showing. In addition, in this digital age where almost unlimited energy supply, especially electricity, is essential, it is imperative to ensure the safe transmission and distribution of energy as well as meeting our energy needs. In this context, talking about energy and energy security is increasingly becoming a cybersecurity issue.
Today, IT security is a priority in the area of energy consumption. The age of digitization is largely due to the “20th Century”. It is an extension of the transition to electric life, which is the “greatest engineering achievement of the century”. It’s an ever-expanding process that applies to everything from smart homes to agricultural production, commercial transportation and other critical sectors, including energy. That’s why making sure our electrical grid is safe is just as important as making sure we’re able to provide the energy we need to power our world, especially given that progress is now increasingly dependent on automation driven largely by IT. Industry verbalization relies on industrial control software such as generation, transmission and distribution (T&D), Central Control and Data Acquisition System (SCADA), and the internet, which is now part of critical infrastructure in the digital age.
In 2010, after five years of development, a malicious computer worm named Stuxnet was distributed against Iran’s nuclear program, which was used to harm uranium enrichment processes. targeted SCADA systems. The deployment of this cyber weapon laid the groundwork for a direct disruption of industrial processes. In November 2015, a series of unique cyberattacks occurred, caused by the devastating KillDisk malware that prevented systems from rebooting, which ESET investigated and created by the BlackEnergy group, which targeted Ukrainian media companies. A month later, in December, ESET identified another variant of the KillDisk in its lineup of electrical distribution companies, which appears to contain functions to sabotage certain industrial control systems. On December 23, 2015, BlackEnergy operators caused about 230,000 people to experience a power outage of 4–6 hours in the Ivano-Frankivsk region of Ukraine. With this event, it was the first time in history that a cyber attack damaged an electricity distribution system. A year later, ESET telemetry detected a new malware called Industroyer. ESET researchers discovered that the Industroyer can communicate with a variety of industrial communication protocols used worldwide in critical infrastructure systems for power supply, transportation control, water and gas. Since these protocols were developed decades ago and are designed for use in offline systems, they have design flaws in terms of security.
Thus, by gaining access to systems running these protocols, Industroyer can directly control electrical substation switches and circuit breakers and cut power with ease. The result was a major power outage in Kiev, Ukraine. While learning the language of industrial systems designed to be isolated from the outside world is no simple task for industry operators, older and modern protocols now tied to the digital realm are less at risk with better implementation of security by design. There are broader threats, tactics, and techniques for connecting online to infiltrate, stay in, and damage virtually any power or energy system.
Enjoying the possibilities offered by technology means enjoying a greener and safer environment. Despite all the difficulties, we can see that some efforts have been made. Policymakers are now working more closely with the scientific community on climate change and with cybersecurity experts to ensure continued progress for generations to come. While no industry-scale malware has yet been encountered, other events such as the Colonial Pipeline attack in the US in 2021 remind us of the urgency of increasing our response capacity. Let’s not forget that we need to work on avoiding ransomware and other threats to critical infrastructure such as drinking water tanks, railroads, and even airplanes.