• The threat landscape focusing on electric utilities in North America is expansive and increasing, led by numerous intrusions into ICS networks for reconnaissance and research purposes and ICS activity groups demonstrating new interest the electric sector. • Attacks on electric utilities can have significant geopolitical, humanitarian, and economic impact. Thus, state-associated actors will increasingly target power and related industries like natural gas to further their goals. • One significant threat includes active supply chain compromises by activity groups targeting original equipment manufacturers, third-party vendors, and telecommunications providers. • Research into the 2016 CRASHOVERRIDE attack demonstrates the adversary’s intent and ability to target protection and safety operations to cause prolonged outages, equipment destruction, and human health and safety concerns. • Utilities are slowly improving visibility in electric operational environments, and current regulatory standards in North America ensure the electric power sector maintains a minimum level of cybersecurity for all of the in-scope facilities. Further recommendations are included in this report for asset owners and operators to address cyber risk in their operations environment. • The complete “energy infrastructure sector” (electric, oil and gas, etc) of all countries are at risk as companies and utilities are facing multiple global adversaries. Cyberattacks are an increasing means to project dominance using cyberattacks in the energy domain.
To read the complete article see: