The following Energy Insight provides an overview of the topic of cybersecurity. It covers:
- The history of cybersecurity
- Cybersecurity in the oil and gas sector
- Cybersecurity in the nuclear energy sector
- Cybersecurity for the grid and smart systems
Introduction: A history of cybersecurity
refers to technologies, processes and controls that are designed to protect systems, networks, devices and data from attacks and unauthorised access.
The first instance where people had to respond to a cybersecurity attack was when the first computer worm was created in the late 1980s-early 1990s
. This shut down most of the internet and laid the foundations for the types of security problems we have had since. In the 1990s the first viruses were introduced that infected millions of computers which led to the development of antivirus software. In the late 2000s cyber-attacks became more targeted when information was stolen from millions of payment cards. Fast forward to the present day and cybercrime is highly sophisticated and hard to prevent. Companies have had to put strategies into place to deal with cybercrime and build up resilience to these attacks.
- Defend: Ensuring the UK has the means to defend itself against and respond to cyber attacks
- Deter: Ensuring the UK has the means to investigate and prosecute those who carry out cyber threats.
- Develop: Ensuring the UK has the knowledge and expertise to conquer threats and future cyber security challenges
A National Cyber Security Centre (NCSC) has been created to provide leadership and share knowledge on national cyber security issues.
In February 2017 the “Civil Nuclear Cyber Security Strategy”
policy paper was published by BEIS. This strategy supports the government by ensuring the civil nuclear sector is resilient and able to defend against cyber threats.
- Have a threat and risk management system in place
- Create an effective cyber incident response framework
- Improve the energy sector’s resilience to cyber attacks
- Expand the resources and skills needed to address cyber security
The new General Data Protection Regulation (GDPR)
was enforced on the 25 May 2018. It replaces the Data protection Directive 95/46 EC and was designed so all companies in the EU follow one set of data protection rules. It aims to change the way organisations approach data privacy and to protect all EU citizens data privacy.
Cybersecurity: oil and gas
There are three major stages
in oil and gas production that are particularly vulnerable to cyber-attacks. These are exploration, development and production and abandonment. Figure 2. Takes various aspects of oil and gas production and places them on a scale of vulnerability to cyber-attack versus the severity of cyber-attack. Geophysical surveys and seismic imaging have a fairly low risk whereas production and development drilling are high risk.
Many services have been set up to help oil and gas companies protect their assets from cyber-attacks. For example, the data service provider Dataminr
helps oil and gas companies by monitoring and protecting their assets by filtering and processing social media (mainly Twitter).
In 2010 the Stuxnet worm interfered with the nuclear programme in Iran. Stuxnet entered the computer system via a USB stick
which was inserted into a computer attached to the network at the nuclear plant. Stuxnet then searched for software that controlled the centrifuges and seized them, so it could control them itself. It made the centrifuges spin extremely fast before returning to normal about 15 minutes later. After about a month the centrifuges were slowed down for a period of time which was repeated for several months. Infected machines began to disintegrate due to the excessive speeds they were spinning at leading to Iran decommissioning about one fifth of centrifuges at Natanz.
has recently been launched which ranks countries by the strength of their cyber security (theft and sabotage) at nuclear facilities. The UK is tied in 11th place
in the ranking, behind countries such as Australia, Switzerland and Canada who occupy 1st, 2nd and 3rd spots respectively. The UK has a high number of nuclear materials across many sights which contribute to adverse security conditions. To improve our ranking more frequent personnel vetting procedures could be undertaken to lessen the threat of insider cyber-attacks.
Cybersecurity: the grid and smart systems
In 2016 hackers targeted an electric transmission station in Ukraine
, north of Kiev. The power outage lasted around an hour and approximately one fifth of Kiev’s power was lost
. This was the second year in a row that a cyber-attack was carried out on Ukraine. The name of the virus was Industroyer
and was built specifically to target industrial control systems. This is the second known virus specifically built to disrupt industrial control systems (the first virus: Stuxnet, interfered with the nuclear programme in Iran). These viruses use standardised infrastructure communication protocols to target electricity substations and circuit breakers.
Research into grid security
has been undertaken and two suggestions have been made to make it more robust. One suggestion is to add more equipment that can take over when an attack prevents a power station of transmission line from working, however, this is costly. A second approach is to analyse the risks in the systems and develop techniques that help prevent, detect and respond to attacks. To protect the smart grid
cybersecurity measures that can provide real time performance and continuous operations should be employed. Modern and secure Wi-Fi access and encrypted cloud storage should also be implemented to make sure customer’s data is secure from hacking. To safeguard the grid in the future all companies
must play a part and make sure their security systems are up-to-date.