The biggest cyberattacks in the last few months included attacks on major energy companies, such as Chevron, Cheniere Energy, and Kinder Morgan. Energy infrastructure is a key critical infrastructure that is vulnerable to cyberattacks. 21 natural energy companies in the U.S. were targeted by supposed Russian hackers, a few weeks before the Ukraine attacks. Though no losses were recorded, it certainly has created a sense of urgency to heighten cybersecurity within the industry. A much-needed scenario, since 77% of U.S. energy companies are vulnerable to ransomware attacks via leaked passwords.
Another report suggests a 150% increase in ransomware attacks worldwide. We can learn a lot from past attacks too and that’s why we have compiled a list of the biggest cyberattacks on the energy industry in the past few years.
The attack on Colonial Pipeline was one of the most publicised cyberattacks in recent times. The largest fuel pipeline in the U.S. fell victim to a ransomware attack and lost a $4.4 million ransom payment to a ransomware gang. Though the FBI helped recover a significant proportion, it was a direct hit on the company’s brand image. For a company that transports roughly 2.5 million barrels of fuel daily and accounts for 45% of fuel supplies to the East Coast, having to shut down temporarily was also a crisis. The outage resulted in gasoline shortages, shutting down services, promoting panic buying among motorists and escalated gas costs.
The attack happened because of an employee’s compromised password. It seems that the company may have missed out on multi-factor authentication, a basic cybersecurity tool, to protect itself from cyber hackers.
The ARA cyber attack in February 2022 comes just a few months after a minor but similar attack on two German firms that led to the disruption of petrol supplies in northern parts of Germany. This time it had bigger implications and created a momentary continental energy crisis. Some of the companies using the terminals were SEA-Tank, Oiltanking and Evos in Antwerp, Ghent, Amsterdam and Terneuzen. Of which 11 Oiltanking sites in Germany were affected. Though the reason for the attack is unclear, the outcome mainly resulted in hampering the administration tasks and disrupting the loading and unloading of refined product cargoes. There could be further cascading effects of economic magnitude across all European countries.
The ransomware attack on Volue ASA occurred before the Colonial Pipeline attack. The Norwegian energy company was the target of Ryuk ransomware. According to Volue no ransom was paid and was able to send their cybersecurity task force to mitigate any impact. What we saw in the Volue ASA attack was that hackers were focused on the encryption of files, databases, and applications alone.
Delta-Montrose Electric Association (DMEA)
The Colorado energy company had to shut down 90% of its internal controls in January 2022 due to malicious cyberware that wiped 25 years of historical data. The energy company was forthright with its customers about the multiple energy bills they might receive.
OPEL and Electrobras
The Brazilian-utility companies COPEL and Electrobras got affected by seemingly the same ransomware gang that attacked COlonial Pipelines. The ‘DarkSide’extracted 1,000 gigs of data from COPEL’s systems, while unidentified ransomware struck Electrobras. Both electricity providers had to disconnect from the National Interconnected System which caused temporary discomfort to the many in the country. The company stated that following security protocols has helped protect the integrity of their data.
Why does it happen? It could be due to:
- Legacy OT Systems
- Exposure to Threats from Digitalization
- Standards ≠ Security
- The Skill Gap
We had explored why the power sector is prone to cybersecurity issues in detail.
How can you keep your critical infrastructure safe from cyberattacks? Benchmark best practices with the top cyber security experts and practitioners in the energy industry. Check out our upcoming forum on cyber security for Power & Utility industry- 10th edition.
You can also look at our upcoming events for a deeper dive into the hottest topics in the European Energy Industry.
Listen to some critical infrastructure security insights from our panellists at our Cybersecurity for Power & Utility conferences.
- March 24, 2022