Energy Industry - Cyber-Attacks And Regulations
For many industries relying solely on NIST framework is not enough. The framework is not meant to replace their existing processes of handling cyber threats, however, by using the framework as a base, they can find the gaps in the most important infrastructure and figure out a way to harden and improve its security. For example, the energy industry is one of the most important industries and it has critical role in keeping the country safe. Therefore, most of the cyber-attacks are targeting it. In order to keep it safe, many agencies are involved in improving the best practices and standards for the industry, and hardening its critical ...view middle of the document...
After looking into the evidences, it was concluded that Russia’s motive was not political but was to gain competitiveness. Some firms had lost valuable intellectual property because of Russia’s espionage.
CrowdStrike highlighted that it had been following the activities of Russian hackers for two years, adding that it was believed that the government was behind the campaign because of technical indicators and the type of targets chosen.
On the other hand, the Wall Street Journal reported that in May 25, 2013 Iranian cyber-attackers launched series of infiltration and surveillance missions against energy companies in the United States, and successfully accessed control-system’s software they could have used to manipulate oil or gas pipelines. And it was believed that the Iranians had their hands on very sensitive information of the control systems and they have the ability to disrupt or destroy these systems in the future. The Iranian government denied its involvement in the attack, and mentioned that the cyber security was an "international issue" that needed the "collective efforts" of all the countries, but there is always a room of doubt.
China had its part in the cyber-attacks targeting the energy companies. In February 2011, China launched a coordinated attacks became known by the Night Dragon. These attacks have involved social engineering, spear-phishing attacks, and exploitation of Microsoft Windows operating systems vulnerabilities with the goal to steal sensitive data from targeted organizations.
The graph below highlight the anatomy of the attack
The attacks are many and the objectives vary, some of the countries objective is to destroy the American energy plants such as Iran’s attack, others are for the objective to steal information and intellectual property such as China and Russia. These attacks have moved beyond the legacy defense system and the U.S government has become aware of the threat and is taking serious steps toward improving the safety and security of the infrastructure.
In addition to NIST’s framework, the Department of Energy had set requirement and responsibilities for the Departmental Cyber Security Program (CSP) to protect its information systems. The CSP now is following NIST’s framework and Committee on National Security Systems (CNSS) to conduct an analysis of the threats and make decisions based on the cost and the mission effectiveness.
According to the department of Energy; the Cyber Security Program (CSP) helps in:
• Establishing line management accountability for ensuring protection of information
and information systems.
• recognizing the Department’s federated government-owned/contractor operated (GOCO) environment and appropriately integrates cyber security governance, accountability and reporting into management and work practices at all levels of
• Instituting a mission-centric, risk-based approach to the management of cyber security to ensure the confidentiality, integrity, and...