Espionage has recently come to the forefront of the cybersecurity discussion. Although financially motivated crimes still account for the lion's share of data breaches, Verizon's "2013 Data Breach Investigations Report" found that state-backed cyberspies were responsible for 19 percent of cyberattacks. One of the primary goals of any given cyber espionage campaign may be to disrupt a rival nation's infrastructure and critical industries. In the past, financial centers, telecommunications groups and government departments have fallen victim to data breaches orchestrated by foreign agents. Utilities and other energy providers have long been potential targets for cyberattacks, but cybercriminals have now begun exploiting their vulnerabilities, posing a significant threat to the data security and operational control of countless enterprises.
According to the Christian Science Monitor, hackers backed by the Chinese government have been suspected of waging assaults against nearly two dozen American natural gas pipeline operations over a six-month period. Those breaches resulted in the theft of critical data that could be used to launch devastating attacks against the nation's natural energy infrastructure as well as to gain control of pipeline operations, experts told the news outlet.
Malware could hinder operational safety
Meanwhile, a South Korean drilling rig fell victim to a penetrating malware attack that significantly compromised its operations, Fuel Fix reported. The malware managed to proliferate throughout the rig's systems, infecting its blowout preventer, a critical safety component. According to the source, that infection could have seriously compromised engineers' ability to address an emergency scenario, potentially resulting in a well blowout, explosion or oil spill.
In addition to the potential environmental and physical damage and the danger posed to rig workers, these malware infections carry a significant financial cost. The rig in question was shut down for 19 days as technicians purged the malware from its system. Other infected rigs also halted their operations while workers addressed the issue. The cost of shutting these facilities down for an extended period of time is substantial.
Structural oversights present danger
Aging and insufficiently protected equipment may be exacerbating these threats even further. A recent study discovered that more than 114,000 industrial terminal servers connected to the internet were insecurely configured, Computerworld reported. By exploiting this vulnerability, hackers could access the servers' networks and potentially gain control of any system connected to them, including traffic lights, fuel pumps, building automation and oil pipeline humidity and temperature monitoring equipment.
Although terminal servers support authentication measures that control access to their systems, these controls do not extend to any attached serial ports. Furthermore, many of the systems were lacking sound encryption solutions to secure communications between networks. The study's researchers recommended that enterprises deploy authentication measures to control the access of serial ports as well as data encryption software to prevent hackers from compromising information.
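The gap described above can be checked for in an asset inventory. The following is an added example, not code from the study or from any vendor: it audits a constructed inventory whose schema and field names (`admin_auth`, `port_auth`, `transport`, `internet_facing`) are hypothetical, and it treats the admin login and the per-port login as separate controls.

```python
"""Audit a terminal-server inventory for unauthenticated or cleartext serial ports."""
# Constructed sample data; the schema and every field name are hypothetical.
INVENTORY = [
    {"name": "ts-pump-01", "internet_facing": True, "admin_auth": True,
     "ports": [
         {"id": 1, "device": "fuel pump controller", "transport": "raw-tcp", "port_auth": False},
         {"id": 2, "device": "temperature monitor", "transport": "ssh", "port_auth": True}]},
    {"name": "ts-hvac-02", "internet_facing": False, "admin_auth": True,
     "ports": [
         {"id": 1, "device": "building automation", "transport": "telnet", "port_auth": True},
         {"id": 2, "device": "humidity monitor", "transport": "ssh", "port_auth": False}]},
]

ENCRYPTED_TRANSPORTS = {"ssh", "tls"}
RANK = {"critical": 0, "high": 1, "medium": 2}


def port_issues(port):
    """Return the list of weaknesses for one serial port mapping."""
    issues = []
    if not port["port_auth"]:
        issues.append("no-port-auth")
    if port["transport"] not in ENCRYPTED_TRANSPORTS:
        issues.append("cleartext")
    return issues


def audit(inventory):
    """Return (severity, server, port id, issues) tuples, worst first."""
    findings = []
    for server in inventory:
        for port in server["ports"]:
            issues = port_issues(port)
            if not issues:
                continue
            # admin_auth is deliberately ignored: a login on the management
            # interface does not protect the attached serial ports.
            if "no-port-auth" in issues:
                severity = "critical" if server["internet_facing"] else "high"
            else:
                severity = "medium"
            findings.append((severity, server["name"], port["id"], issues))
    return sorted(findings, key=lambda f: (RANK[f[0]], f[1], f[2]))


if __name__ == "__main__":
    for severity, name, port_id, issues in audit(INVENTORY):
        print(f"{severity:8} {name} port {port_id}: {', '.join(issues)}")
```

Both sample servers have admin authentication enabled, yet three of their four ports are still flagged, which is the distinction the study's recommendation turns on.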