Energy under Hacktivism threat

This post is also available in: עברית (Hebrew)

35832696_mIn a conference recently held in the state of Wyoming, U.S., an FBI official of the criminal and national cyber security squad said that in light of the number of cyber attacks which occured lately, the state, and especially the energy companies in its territory, must take seriously the possible dangers for facilities supplying energy to residents. According to him, any company or business that use computers are exposed to cyber threats, but the energy companies even more so, as they are part of the state’s infrastructure which means they are in more dangers than anyone else. He specified and said that potential attackers which pose the most threat are the ones inside the system, such as disgruntled emplyees with access to company computers.

Subscribe to our newsletter.

A second source for cyber attacks are a group of hackers called Hacktivists – a combination of the words Hacker and Activists – whose goal is to steal information and cause damage in order to bring what they would consider to be a political or social achievement. The FBI official said in his review, during the conference which dealt with the issue of energy and was arranged by the Wyoming Infrastructure Authority, that hacktivism hold serious dangers since hacktivists can’t be characterized by any single or special personality patterns – the group contains activists from any political and social affiliation – and so it’s next to impossible to recognize them in advance.

One of the worst dangers for the energy field by cyber activists is stealing proffesional information which is defined as “intellectual property” such as a proprietary way to drill a well, but an even more substantial danger, one which the law enforcement authorities are losing sleep over, is a cyber attack meant to disrupt the factory’s manufacturing process, thus causing damage in the real world.

One pattern of action used to penetrate the computer network is by sending a software to an employee who unknowingly activates it and with it allows the penetration of hostile factors. After penetrating, they stay in the system and integrate into the company’s routine so they’re hard to detect as standing out. The spokesperson concluded and emphasized that in order to deal with cyber attacks on energy companies, action must be taken mainly in two ways: paying attention to revealing too much information in social networks and creating a response plan in case of a cyber attack taking place.

But dealing with results is not enough. Another spokesperson involved in matter and national and public security in the communications field in the United States claims that preventive actions must also be taken to minimize risks for a cyber attack in the future. Defending against hacktivist is a matter that may cost a lot of money, but eventually it is about a secured work place that rests mostly on using non-banal passwords that cannot be revealed easily.