However, in recent years a new and potentially more insidious threat category has come to the fore: cyber security. While cyber attacks are not new, the core operations of energy companies have been relatively well insulated from them as they were not connected to the internet. However, as energy companies turn to IoT meet growing demands for power, evermore parts of their operations are being connected, creating new vulnerabilities and risks.
Today’s cyber threats are persistent, well organised and constantly evolving. Considering the energy sector underpins the operation of every country’s society and economy; these organisations are prime targets for malicious hackers who may be looking to exploit and bring down an industry that billions of people depend on. The effects of a breach or service disruption could have disastrous consequences, potentially leaving entire regions without power. This is no idle concern – consider the Ukrainian power grid cyber-attack of December 2015, where hackers successfully left 230,000 citizens in the dark by compromising information systems of three energy distribution systems.
Moreover, motivations might not be confined to those looking to cause havoc for citizens – there is also the potential for cyber-attackers to use connected devices for corporate espionage purposes, gaining access to confidential data and utilising it for competitive advantage, blackmail, or any other nefarious purpose.