Cyber attacks in the Energy sector and how to greatly increase your chances against being targeted.

Ever since the BlackEnergy attacks in the Ukraine and the US, it has become a sad, although well known fact that the CNI sector and specifically the Energy Sector are frequently, if not constantly targeted to either disrupt, or infiltrate networks for future planned attacks.

The question posed frequently by all sectors, is: How can we reduce the chances of being targeted and attacked?

The adage of I don't need to outrun the hungry lion, just outrun you is not too far from reality here, however, if you really want to avoid being a soft target and easily exploited victim, you must ensure your internet connectivity must be robust, fit for purpose and secure. That sounds pretty sensible and obvious I am sure, however governments, legal organisations, Intelligence agencies and yes, many Energy companies simply are not. I could cite example after example and breach after breach that gained initial access via this method, however just one will suffice. Solarwinds, the world's largest single breach that hacked 18,000 clients into the bargain in December 2020 was initially caused by a domain hijacking of an insecure Solarwinds website. I could wax lyrical about this area as I produced a white paper for the US Senate Intelligence Committee earlier this year on the subject.

Think of data as being fluid. Without a secure, one way valve that same fluid can flow in both directions. This is exactly what is happening with digital data and insecure websites whereby not just the data a company wants to share, but that data can also be accessed by others due to being an insecure website (a broken one way valve).

If you are not connected in anyway shape or form, ie you are totally air gaped, that is great, however, if you have clients, partners or any internet connection, you really must ensure that it is secure and constantly monitored to ensure security.

We do not supply Energy, however we do provide unrivaled security.