The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 

Post

Latest Protection Techniques to Defend Against Cyber Attacks

image credit: © Benjawan Sittidech | Dreamstime.com
Julian Jackson's picture
Staff Writer, Energy Central BrightGreen PR

Julian Jackson is a writer whose interests encompass business and technology, cryptocurrencies, energy and the environment, as well as photography and film. His portfolio is here:...

  • Member since 2020
  • 500 items added with 186,007 views
  • Dec 13, 2022
  • 199 views

As 2023 dawns, utilities and other infrastructure companies need to ensure that their defenses are up to date. IBM’s Cost of Data Breaches Report 2022 estimates an average cost of $4.5m per attack. Amongst the 550 companies that IBM contacted that had experienced a data breach, unfortunately 83% had experienced at least two during this period.

The FBI notes that as many as 2,048 ransomware reports were filed in 2021, and the Financial Crimes Enforcement Network reports there were 68 variants of ransomware in that same year, relieving companies of over $590 million in ransom payments.

 

Defense Systems: Next Generation FireWalls (NGFW)

Firewall technology has been used by organizations and individuals looking to secure their networks and applications for decades now. The latest systems: Next-Generation Firewall (NGFW) applications are the third generation of firewall software technology, upgrading network and endpoint security capabilities for increased security.

NGFWs are improved software which seamlessly combines the capabilities of first-generation firewalls with a variety of modern network security packages such as device filtering, in-depth packet inspection, and intrusion prevention capabilities. ICT Managers should look to install NGFW systems from top security providers.

 

Ransomware and other Cyber Attack Vectors

MITRE ATT&CK is a free global resource with documented information on how to identify adversarial behaviors, threat models and ransomware techniques. MITRE also offers mitigation tactics based on collected data to improve defences. An understanding of these intrusion tactics helps organizations devise better plans to detect and avoid worst-case scenarios.

 

What Do All Ransomware Attacks Seek?

All ransomware payloads need to encrypt your data, which means they use an algorithm to seize user and system files. Common techniques used to do so are well documented in MITRE framework under the “Impact” Tactic.

 

Avoiding Detection

For malware to be successful, it needs to bypass existing security controls. The “Defense Evasion” Tactic lists some of these attack vectors, such as renaming system utilities, indicator removal, clearing event logs, using abuse profile installers and disabling security tools.

 

The Hackers Objective: Ransom

This is the preferred out come for the malicious actors, but it is bad for the company, and also illegal.

 

How to Improve Defenses and Foil Cyber Attacks

The first step to improve a utility's cybersecurity defense is upgrading or replacing outdated legacy computer systems that are more vulnerable. What might have worked well for a business or government organization for inn the past may not be adequate now to prevent malware attacks.

The cost of replacement will pale in comparison to the cost of downtime and the loss of clients and customers once a cyber attack goes public. Install improved monitoring systems to give early warning of an incoming threat, and limit the number of administrative accounts only to necessary high-security clearance users.

Next, improve employee training to ensure everyone at all levels of the hierarchy understands that for companies with critical infrastructure missions, data security is a primary responsibility. Employees need to be constantly reminded not to click on phishing attacks in suspicious emails.

There are cyber insurance policies available, but usually insurers demanding improved cybersecurity before covering claims for incident response, loss of information and compliance/regulatory costs.

 

The Benefits Of Cybersecurity Preparation

Cyber attacks do not have to be inevitable. Recognizing the commonalities these intrusions share can lead to upgraded operating systems, heightened security monitoring procedures and improved defenses, overseen by employees with constantly upgraded skill sets.

With the more dangerous hackers looking to advance their own malware and skills on a regular basis, recognizing the latest cyberattack trends to stay one step ahead to protect data, and in some cases, to simply avoid calamities befalling any type organization, agency or business.

Discussions

No discussions yet. Start a discussion below.

Julian Jackson's picture
Thank Julian for the Post!
Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.
More posts from this member

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »