U.S. energy sector is vulnerable to ransomware attacks
A quarter of the 150 top U.S. energy companies are highly susceptible to a ransomware attack, while a massive 77 percent of those have at least one leaked credential within the last 90 days, new research by cybersecurity firm Black Kite found.
A total of 28 percent of the oil sector is highly susceptible to a ransomware attack, the research says.
“Targeted attacks on the oil industry result in massive shortages nationwide, from the diversion of gas carrier trucks to consumers hoarding gas through various means,” according to Black Kite’s findings.
In May this year, a ransomware attack on the computer network of the key fuel pipeline for the U.S. East Coast, Colonial Pipeline, forced the pipeline operator to shut it down for five days. The shut down of the main pipeline for the Eastern Seaboard resulted in fuel shortages that persisted for more than a week, a run to gas stations, and a spike in gasoline prices.
Black Kite’s research also found that 25 percent of the natural gas subsector in the top 150 companies reviewed is highly susceptible to a ransomware attack, as well as 17 percent of the electricity companies in the sample.
Read: Nigeria: Finance Minister says borrowing was instrumental to country’s exit from recession
“On the surface, the energy sector has a decent cyber posture reflecting a “Good” or “B” rating. However, Black Kite Research has identified and analyzed emerging threats causing the industry to remain a prime target for cybercriminals,” the Boston-based cybersecurity firm said in its report.
Nearly half, or 49 percent, of the energy sector has a critical vulnerability due to out-of-date systems, while 74 percent of energy companies have not deployed the necessary configurations (DMARC record) to prevent email spoofing attacks, Black Kite said.
“At face value, the energy sector has a decent overall security posture. However, when you look under the hood there are areas of concern that make our nation’s energy infrastructure susceptible to crippling ransomware attacks,” Black Kite CEO Paul Paget said in a statement.
In June, following the Colonial Pipeline ransomware attack, U.S. Secretary of Energy Jennifer Granholm said there were malign cyber actors capable of shutting down the U.S. power grid or parts of it, and called for increased public-private cooperation in fending off cyberattacks.