The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 


Cyber attacks in the Energy sector and how to greatly increase your chances against being targeted.

image credit: Google
Andy Jenkinson's picture
Group CEO, Cybersec Innovation Partners

Over 15 years compliance, risk and more latterly Cyber Security.

  • Member since 2021
  • 16 items added with 8,339 views
  • Mar 31, 2021

Ever since the BlackEnergy attacks in the Ukraine and the US, it has become a sad, although well known fact that the CNI sector and specifically the Energy Sector are frequently, if not constantly targeted to either disrupt, or infiltrate networks for future planned attacks.

The question posed frequently by all sectors, is: How can we reduce the chances of being targeted and attacked?

The adage of I don't need to outrun the hungry lion, just outrun you is not too far from reality here, however, if you really want to avoid being a soft target and easily exploited victim, you must ensure your internet connectivity must be robust, fit for purpose and secure. That sounds pretty sensible and obvious I am sure, however governments, legal organisations, Intelligence agencies and yes, many Energy companies simply are not. I could cite example after example and breach after breach that gained initial access via this method, however just one will suffice. Solarwinds, the world's largest single breach that hacked 18,000 clients into the bargain in December 2020 was initially caused by a domain hijacking of an insecure Solarwinds website. I could wax lyrical about this area as I produced a white paper for the US Senate Intelligence Committee earlier this year on the subject.

Think of data as being fluid. Without a secure, one way valve that same fluid can flow in both directions. This is exactly what is happening with digital data and insecure websites whereby not just the data a company wants to share, but that data can also be accessed by others due to being an insecure website (a broken one way valve).

If you are not connected in anyway shape or form, ie you are totally air gaped, that is great, however, if you have clients, partners or any internet connection, you really must ensure that it is secure and constantly monitored to ensure security.

We do not supply Energy, however we do provide unrivaled security.



No discussions yet. Start a discussion below.

Get Published - Build a Following

The Energy Central Power Industry Network® is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »