More electric utilities and energy companies are turning to cybersecurity vendors for protection against attempted attacks, a growing threat highlighted by the recent disclosure of Russian hacking into their communications networks last year.

The U.S. utility sector faces millions of attempted cyber intrusions a day. Duke Energy, one of the largest power companies in the nation serving 7.6 million customers reported more than 650 million attempted cyberattacks in 2017 alone. While a cyberattack hasn’t successfully shut down the U.S. power grid, the threat is real.

“If you want to shut down the infrastructure of a country, you shut down the grid, you shut down the fuel generating refineries,” Eddie Habibi, founder and CEO of PAS, a cybersecurity firm for energy and power industries, told Bloomberg Environment. “That’s what happens at the start of a war, you attack their critical infrastructure.”

A recent alert from the Department of Homeland Security revealed that Russian actors targeted hundreds of energy and nonenergy companies’ networks in 2017, which began through spear-phishing emails sent to vendors serving the power industry in early 2016. The hackers successfully accessed one small power plant’s operational technology network, but didn’t shut it down. Five natural gas pipeline companies’ communication systems were hacked in April, but no pipelines were shut down.

“The energy sector is definitely a target for everything from criminals to nation states,” Jeanette Manfra, assistant secretary for the Department of Homeland Security’s Office of Cybersecurity and Communications, told Bloomberg Environment.

The frequency of cyberattacks on the energy sector targeting systems that run critical infrastructure, like generation plants, has increased at least sevenfold over the last seven years, Habibi said.

A cyberattack refers to an effort to access data or systems remotely, often with the intention to shut down operations, like a power grid. Cyberattackers can use malware or email intrusions to access a system and perhaps a larger computer network.

Energy companies are turning to cybersecurity providers like PAS and Siemens to better prepare for attacks. And their options are growing: There are more than 850 cybersecurity firms in the greater Washington, D.C., region alone, according to research from American University’s Kogod School of Business.

Cybersecurity vendors are working specifically in the energy sector to fill gaps due to a growing shortage of cyberprofessionals. There is a projected shortage 1.8 million cyberprofessionals globally by 2022, according to a 2017 study by the Center for Cyber Safety and Education.

In any given day, you can find at least 1,000 cybersecurity violations at a power plant, including opening scam emails, using unsecured USB drives, and sharing passwords with co-workers. DHS has said most cyberattacks are occurring in the energy sector. But that’s largely because it has been one of the best at reporting cyberattacks to DHS, according to the Edison Electric Institute.

It’s not enough to just detect cyberattacks. It’s equally important to understand, to contextualize and to prioritize.

Siemens partnered with two major cybersecurity firms in 2017 to create a managed cybersecurity business offering which helps energy clients monitor and detect cyber abnormalities. The first company partner was Darktrace, which specifically works on anomaly detection by helping companies get better visualization into their assets to see attempted intrusions.

DHS recently announced the formation of a new National Risk Management Center, which solely focuses on sharing cybersecurity information with the energy, financial, and telecommunications sectors.

The Energy Department opened its first cyber-specific office—the Cybersecurity, Energy Security and Emergency Response—in May.

Source: Bloomberg BNA