Reports
Vendors

Siemens Energy takes its playbook for cyber attacks on energy operators to the public

March 09, 2020
Siemens Energy

The company’s recommendations are even more relevant, as COVID-19 casts a spotlight on the vulnerabilities of the global economy

Siemens Energy, a subsidiary of the German conglomerate Siemens, has joined the chorus of public- and private-sector organizations expressing concern about cybersecurity in the energy sector. What’s more, the company has not confined itself to fretting about the possible consequences of a cyberattack. Instead, it has developed a playbook to inform electricity providers about their options for formulating incident response (IR) strategies. On March 6, it released that playbook to the public.

The playbook bears the title “Simulating a Cyberattack on the Energy Industry: A Playbook for Incident Response.” It walks readers through a fictional (but hardly unrealistic) scenario involving an attempt to compromise the industrial control systems (ICS) of a power company that generates and distributes electricity in a large city preparing for an election.

Along the way, it identifies the issues that the utility faces during each phase of the incident and offers recommendations on how to set priorities in situations that are complex, fluid, and marked by uncertainty about which data points might be relevant. (It also does so in a visually appealing and straightforward manner, providing clear explanations for non-specialist readers.)

[optin-monster-shortcode id=”dv4jqlr9fih8giagcylw”]

 

The energy sector’s vulnerability has been clear for some time

As noted above, Siemens Energy is hardly the first organization to address this matter.

In the U.S. alone, several government agencies have done so, with the Department of Homeland Security (DHS) speaking out in March 2018 and the Government Accountability Office (GAO) following suit in August 2019. Then in December 2018, the U.S. president’s National Infrastructure Advisory Council (NIAC), a division of DHS, issued its own report discussing the possible consequences of catastrophic failures in the energy sector.

Elsewhere, private-sector entities such as the U.S. IT giant Microsoft teamed up with Marsh, a UK-based risk consultancy, to poll energy executives about their cybersecurity concerns.

Siemens Energy’s unique perspective as an equipment manufacturer

Even against this backdrop, the playbook appears to be unique, in that it takes advantage of Siemens Energy’s position as a manufacturer of turbines and other equipment used in power plants. That is, it plays off the fact that the company designs and builds some of the operational technology (OT) that appears to be especially vulnerable to cyberattacks.

As a result, Siemens Energy is able to approach the problem from a slightly different point of view. It makes concrete recommendations for its customers – that is, for the organizations that use its products in the process of generating and distributing electric power. Additionally, it focuses on industrial and business entities, rather than talking about what government agencies and IT service providers can do.

This is a smart move on the company’s part. Siemens Energy’s parent group is preparing to spin it off later this year as part of a wider corporate restructuring campaign, and both parties stand to benefit if the playbook attracts attention.

How the coronavirus outbreak overlaps with cybersecurity considerations

But the company’s recommendations deserve attention for reasons that go beyond corporate strategizing.

As Siemens Energy offers this playbook to utilities, the COVID-19 (coronavirus) outbreak is casting a harsh light on the vulnerabilities of the interconnected systems that sustain the global economy – industrial supply chains, midstream oil and gas delivery routes, and air travel, to name just a few. These weaknesses exist independently of cybersecurity concerns, but there is a certain amount of overlap. Failures in the supply chain can prevent utilities from obtaining the hardware and software they need to keep their IT and OT systems secure. Public health emergencies can serve as a new hook for phishing and other scams.

Likewise, internet service providers (ISPs) will be under extra pressure to keep users connected, as social-distancing measures lead more employees to telecommute and more students to learn online. At the same time, they will also have to cope with a rise in the number of cyberattacks, since many of those working or learning remotely will be using machines that do not have the same protections as those used by businesses and schools.

Under these circumstances, power companies and other utilities would do well to address the underlying vulnerabilities identified in Siemens Energy’s playbook. If they do so, they will be able to marshal their resources to deal with other crises that may arise.

Jennifer DeLay Iacullo
Jennifer DeLay Iacullo is a freelance writer specializing in global oil, gas, and power engineering topics. She has covered the energy industry of the former Soviet Union, China, Africa, Latin America and North America for more than 20 years. She lives in Atlanta with her family.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
Waterfall’s WF-600 unidirectional security gateway brings 'unbreachable protection' to OT/ICS networks
Waterfall, 2TS enter into cybersecurity alliance for African market
Honeywell’s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns
Honeywell’s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns
Radiflow helps customers achieve NIS2 compliance, spurring growth in Europe
Radiflow, Exclusive Networks partner to elevate OT cybersecurity
Mandiant exposes APT44, Russia's Sandworm cyber sabotage unit, targeting global critical infrastructure
Mandiant exposes APT44, Russia’s Sandworm cyber sabotage unit, targeting global critical infrastructure
Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk
Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk
Armis
Armis acquires Silk Security for $150 million to enhance AI-driven cybersecurity capabilities
Nozomi discovers five vulnerabilities in AMI MegaRAC SP-X BMC, exposing OT, IOT devices to RCE attacks
Nozomi secures US$1.25 million US Air Force contract to boost DoD critical infrastructure security
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape