The wave of industrial action that has spread across the U.K. in recent months has now hit the utility sector. In late March 2023, approximately 1,400 offshore oil and gas workers voted to go on strike in a series of 24, 48, and 72-hour interruptions in a bid for better deals on jobs, pay, and working conditions.
According to Mark Clark, VP Sales EMEA North, Onapsis, while the strike is currently limited to electrical, production and mechanical technicians as well as skilled labourers such as crane operators, scaffolders, and riggers, it could soon spread further.
Clark says: “Even if it does not, the strike and its attendant disruptions still represent a significant opportunity for cybercriminals. It’s vital, therefore, that players in the energy sector are doing everything in their power to bolster their cybersecurity efforts, especially when it comes to things like threat detection and the protection of business-critical applications.”
Bolstering protection in an already targeted sector
Clark continues with the importance of protective measures: “That need for extra protection is even more important when you factor in how much of a target the utility sector is for cybercriminals, particularly in the UK. According to IBM Security’s 2023 X Force Threat Intelligence Index, the UK was the most attacked country in Europe, accounting
for 43 percent of cases. Of those, 16 percent were directed at the energy sector, making it one of the primary attack targets for the second year in a row.”
These attacks present multiple dangers. Clark finds: “In a worst-case scenario, they could cripple an organisation’s ability to supply electricity or gas to the respective grids. But even relatively minor business interruptions can have a deleterious impact, costing the organisation time and money. Those costs are, almost inevitably, passed on to the customer. And in the midst of the biggest cost of living crisis in decades, few customers can afford any further additions to their energy bills.”
Clark cautions that the economic disruption could increase vulnerabilities: “Unfortunately, the ongoing strikes only open up further opportunities for attacks in this already vulnerable industry. While cybersecurity departments are yet to join the industrial action, it does mean that fewer workers will be around for things like training and updates. It also opens up another angle for social engineering attacks, with attackers using it to spoof important emails. When those emails are opened and the links or attachments within them are clicked on and downloaded, the attackers have an “in” to the broader company system.”
Historical trends suggest that vulnerabilities will exist: “Given that around 80 percent of organisations have suffered one or more breaches that could be attributed to a lack of cybersecurity skills, it should be clear how the current industrial action adds to the threats faced by an industry that already has a massive target on its back.”
Invest in training, use the right cybersecurity partners
To counter these risks, aside from resolving the industrial dispute, Clark recommends learning and development: “It’s also a good time for these companies to assess where they are when it comes to their internal cybersecurity teams’ capabilities and resources. Where it’s possible to improve those resources, they should do so as quickly as possible.”
Also important is outsourcing: “But energy organisations should also look at their cybersecurity vendors. A good right security provider won’t just engage in constant research around how cybercriminals are using the latest technologies and socio-economic situations to enhance their attacks but also how those technologies can be used to improve threat detection, prevention, and defence.”
Clark concludes with: “Far better than for utility companies to bolster their cybersecurity efforts now than before it’s too late.”
