Yes, according to a cyber threat report from the Australian Cyber Security Centre (ACSC). The sector recently broke into the top 10 most targeted rankings in 2022.
The ACSC’s latest annual threat report indicates a substantial rise in malicious actors targeting energy and utilities companies. While breaches at companies like Medibank and Optus dominated headlines, 2022 also saw attacks on Energy Australia and AGL, along with an unnamed energy provider.
It’s a serious concern since the energy sector undergirds almost every other part of Australia’s economy and wellbeing. In an Energy Networks report, the most vulnerable areas are the grid and all the sub-components within it: substations and control systems, along with the growing number of distributed technologies and larger volumes of sensitive customer data.
So why are these organisations becoming an increasingly popular target? And what does it mean for the resilience and security of this critical sector?
First off, the energy sector is crucial to countries’ infrastructure and economies, making it a prime target for any groups wanting to sow chaos or steal assets.
Additionally, the sector’s increasing digitisation makes it more vulnerable to cyber threats. Of course, many industries and sectors are similarly grappling with larger attack surfaces as they become more reliant on digital technology. Embracing digital technologies is necessary for greater efficiency, better user experiences and finding sustainable solutions – but it also opens the door to even more cyber risks.
The energy sector is in an especially tricky position, partially because of its ongoing evolution. Energy companies and infrastructure often blend a mix of old and new technologies. While the older technology wasn’t designed with security concerns in mind, newer technology brings its own set of security challenges. For example, internet of things (IoT) solutions create even more attack vectors and collect even more data than the technology solutions of yore.
When it comes to cyber attacks, the motivations of hackers and scammers can vary wildly. Some might be in it for the money, looking to steal valuable data or hold critical systems for ransom. Others could be driven by political motives, aiming to destabilise a nation or create tension between countries.
There are also cyber-crime groups that can best be described as a combination of financial and political motivations. Some hacker groups are commissioned by nation-states looking to extract sensitive data from geopolitical rivals and the mercenary group will try to plunder financial assets at the same time. In other words, they’re guns for hire but they might also try to steal a little cash, as a treat.
In Australia, it’s worth noting that the vast majority of reported cyber-crime is financially motivated. In the Australian Cyber Security Centre’s (ACSC) Annual Cyber Threat Report, the top eight cyber-crimes were all financially motivated.
Federal security regulations already task the sector with certain defences. The 2018 Security of Critical Infrastructure Act (SOCI), along with a recent amendment, imposes fines and penalties on any owner or operator of ‘critical infrastructure’ that fails to meet specified security standards.
Some of those newer obligations include:
These regulations likely require an update to account for rapid advancements in areas like IoT and generative artificial intelligence (AI). In the meantime, energy providers and other organisations in the sector should be looking for solutions and processes that arm staff with reliable information while establishing safeguards across every function.
Even those organisations who have strong security postures will need to consider that the sector is in cyber-criminals’ crosshairs – this means their defences are only as strong as the security of their suppliers and partners. Across entire supply chains, employees are vulnerable to increasingly sophisticated social engineering tactics and other cyber-crime tactics. Processes and systems should be built with the assumption that, somewhere, sometime, a breach will occur.
For finance leaders, that means looking at how cybersecurity strategies align with their financial controls and processes. These leaders are in vital positions to drive cyber-crime strategies that protect the part of the organisation they’re most responsible for defending: financial assets.
Crowdstrike outage aftermath: Government warnings, scam attempts, and essential steps to safeguard your business from cybercriminals.
See how a Rite Aid data breach compromised 2.2M customers’ data through an elaborate impersonation attack. Learn about the risks and preventive measures.
All the news, tactics and scams for finance leaders to know about in July 2024.
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.
