Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Defining the threat in the energy sector

John Bryk | April 12, 2016
What are the categories of adversary faced by the energy sector in 2016? By analyzing their motivation and procedures we gain a better understanding of who might be a target and why.

Cyber espionage

Cyber espionage is the use of computer networks to gain illicit access to confidential information. Cyber espionage is normally the domain of the nation-state and is designed not to disrupt operations. These attacks normally go unnoticed for long periods of time. APTs have resided within computer networks and accessed information at will for years. 

Cyber espionage has two primary motivations. One is to collect data for economic espionage. The other is to develop human targets through stolen employee data. A system administrator may have financial problems indicated in credit reports. The nation-state can offer the system administrator payment in exchange for access to corporate networks. This facet of cyber espionage is an external driver that creates aninsider threat.

Segmenting administrative and operational networks and creating least-privilege user accounts, are effective countermeasures. Establishment of an internal reporting system for employees to report suspicious, foreign, or "just strange" contacts is helpful to defeat the insider threat development cycle, as is monitoring user behavior.

Cyber attack

Cyber attack is the rarest form of cybersecurity risk. Cyber attack meets a threshold that justifies military action on the part of the victim's nation. These normally would involve widespread degradation, disruption, denial or destruction of critical infrastructure. Though most intrusions are colloquially referred to as "attacks," an actual cyber attack is an act of war.

Good cyber hygiene and adherence to DHS guidelines and NIST frameworks are the best places to start building a wall against cyber attack.

What does it all mean?

Having categorized the threat actors and their motivations, we can look at those threats in light of both the real and the cyber environments and begin to make some predictions about what 2016 will bring us. In Part 2 of Defining the Threats of 2016 I'll make some audacious predictions about what this year will bring in the way of threats to Energy Sector ICS and perhaps point towards areas where our cyber dollars will potentially give us the most bang for our buck.

Source: CSO 

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.