In this contributed blog, John Cullen, strategic marketing director for digital identity at Thales, a French defence company specialising in electronics, explains how energy sector companies can tackle cyber threats.
Digital transformation brings both risk and reward for the energy sector. While the integration of digital technologies establishes greater efficiencies and transparency for both energy firms and end users, this increased connectivity has also made the sector more susceptible to cyberattacks.
Thales’ 2024 Data Threat Report found that 42% of critical infrastructure companies, including energy firms, have suffered a cyber breach to date. IT security provider Check Point One found that the utilities industry averaged 1,728 weekly attacks per organisation in 2024. This represents a staggering 47% year-on-year increase from the same period in 2023.
The energy sector is crucial to everyday life, making it a common target for bad actors. These attacks can disrupt power supplies, affect essential services, and pose a serious threat to national security. In response, resilient and robust cybersecurity strategies are needed.
What are the risks currently facing the sector, and how can energy firms proactively tackle these threats?
The Risks of Connectivity
The integration of digital technologies, such as smart grids, Internet of Things (IoT) sensors, and automated control systems, is optimising energy distribution and enabling real-time monitoring. However, there are associated cybersecurity challenges and vulnerabilities that organisations and governments must consider.
Principally, the growing connectivity of smart grids and smart meters, for example, creates more potential entry points for cybercriminals to exploit, and a single compromised device could lead to the disruption of entire energy systems. The proliferation of IoT devices in smart grids also expands the attack surface, particularly as many of these devices lack strong cybersecurity controls.
Lastly, weak security within the wider supply chain can introduce vulnerabilities which attackers can exploit, meaning a criminal may compromise a vendor or supplier as a gateway to energy networks. The industry must therefore consider potential vulnerabilities across the entire supply chain and in every connected device.
The Impact on the Energy Sector
The consequences of a successful cyberattack on the energy sector can be severe. A compromised power grid, for example, can see cybercriminals steal, divert, or compromise energy supplies, disrupting operations and leading to mass-scale outages and shortages.
This can result in weakened infrastructure and in blackouts that may affect millions of people. One of the most well-documented examples is the series of cyberattacks against Ukraine’s power grid in 2015 and 2016, where Russian-backed hackers successfully infiltrated Ukraine’s electricity systems, causing widespread blackouts.
Elsewhere, energy firms’ firewalls and intrusion detection systems may not operate effectively in the event of a system breach, leaving networks vulnerable to data loss or compromise. This risks stolen critical data and customer information ending up in the wrong hands.
Economic disruptions are another significant impact of cyberattacks. These attacks can worsen existing supply chain issues, causing delays in production and distribution, which in turn affects global energy prices. Rising costs driven by short supply and high demand can lead to financial strain on energy providers.
These costs are often passed to the consumer, resulting in higher energy bills and increased financial burdens on households and businesses, fuelling dissatisfaction. Additionally, potential regulatory fines can further burden the financials of energy companies. And the costs are nothing to be sniffed at – GlobalData found that the average cost of data breaches reached $4.72 million (£3.56 million) in the energy sector alone in 2022.
How We Can Mitigate These Threats
To counter these growing threats, robust, comprehensive cybersecurity measures are essential to ensure multiple layers of defence:
- Establish the foundations: Adopting a “secure by design” approach ensures cybersecurity isn’t simply treated as an afterthought. Unlike retrofitting cybersecurity into legacy tech, “secure by design” prioritises building robust security mechanisms into the foundational architecture of a product or system from the outset.
- Safeguard data sources: Protecting sensitive data with the highest levels of encryption will be essential to prevent data tampering. This encryption will create a fortified barrier against those looking to exploit data or compromise systems. Implementing multi-factor authentication will also help ensure stricter access controls.
- Stress-test infrastructure: To combat cyber threats, it is also important to regularly stress-test your infrastructure. Simulating real-time scenarios in a secure, offline environment can help identify vulnerabilities in networks ahead of time, run hypothetical demos to highlight the impact of outages, and allow operators to assess and improve their cyber-threat preparedness.
- Real-time monitoring: Deploying continuous monitoring and advanced threat detection tools can alert operators when systems are under attack, or when suspicious behaviour is detected, allowing them to act appropriately to mitigate the threat swiftly.
- Ensuring compliance: It is critical to understand and ensure compliance with evolving regulations to help enforce cybersecurity standards. In fact, only 17% of critical infrastructure (CI) organisations that achieved data protection compliance have any breach history whatsoever, and just 2% have been impacted by a breach in the last 12 months. The ROI of compliance is clear.
The energy sector is at a critical juncture: its inevitably growing reliance on digitalised technologies must be met with robust cybersecurity measures.
As cyberattacks continue to rise in volume and complexity in this sector, it is imperative that energy companies adopt comprehensive strategies that protect their critical infrastructure. While the knock-on effects may inconvenience businesses’ operations and dissatisfy customers, in extreme cases they can have serious consequences for public safety and health, too.