OPINION: Protecting the energy sector from cyberattacks

When the Die Hard movie franchise got a reboot in 2007 the plot revolved around an attack on New York’s infrastructure, with our hero John McClane up against a gang of cybercriminals intent on gaining access to critical energy, water and transport control systems to wreak chaos and (naturally) make off with a load of cash. Fast forward less than a decade and the situation went from movie plot to stark reality, as in 2015 Ukraine battled a Russian-orchestrated cyberattack on its electricity control centre that caused massive power outages in the depths of winter. When an enemy can turn your lights off when you need them most, that’s a powerful statement of their disruptive potential. The concern for the energy sector is not just that it is under attack, it’s that the enemy is already inside its networks, gaining persistence and waiting for the opportunity to strike. Let’s take a look at the situation and how the sector can harden its systems to make sure we keep the searchlight squarely on our adversaries.