Selloff or Market Correction? Either Way, Here's What to Do NextSee Overvalued Stocks

Cyberattacks on US utilities surged 70% this year, says Check Point

Published 09/11/2024, 11:14 AM
Updated 09/11/2024, 01:22 PM
© Reuters. FILE PHOTO: The sun sets behind power lines above the plains north of Amarillo, Texas, U.S., March 14, 2017. REUTERS/Lucas Jackson/File Photo
MSFT
-
AAPL
-
HAL
-
IBM
-
UNH
-

By Seher Dareen and Vallari Srivastava

(Reuters) - U.S. utilities faced a near 70% jump in cyberattacks this year over the same period in 2023, according to data from Check Point Research, underlining the escalating threat to a critical infrastructure.

The utilities and power infrastructure across the U.S. are becoming increasingly vulnerable as the grid expands rapidly to meet surging demand for power and assets are digitalized.

Utilities are low-hanging fruit for cyberattacks because many of them use outdated software, said Douglas McKee of cyber security firm SonicWall.

To date, the attacks have not crippled any U.S. utility, but industry experts warn a coordinated attempt could be devastating, impacting essential services and causing substantial financial losses.

There were 1,162 cyberattacks on average through August this year, compared to 689 in 2023, Check Point data showed.

The energy sector is considered to be more vulnerable to such attacks. In May 2021, fuel pipeline operator Colonial Pipeline was forced to shut down its entire network due to one of the biggest cyberattack incidents on the energy industry.

More recently, U.S. oilfield services firm Halliburton (NYSE:HAL) disclosed that an unauthorized third party had accessed and removed data from its systems.

The utilities industry depends on IoT and ICS (Internet of Things and Incident Command System) technology, which are not as advanced in their cyber defenses as the software used by Apple (NASDAQ:AAPL) or Microsoft (NASDAQ:MSFT), McKee said.

Compliance with regulations such as the North American Electric Reliability Corp's (NERC) Critical Infrastructure Protection, which safeguards bulk power systems from cyber threats, only provide a minimum standard or protection, experts said.

The expansion of the grid, including incremental interconnections to new customers like Gen-AI data centers, is creating more potential points of attack.

Earlier this year, NERC said the number of susceptible points on the U.S. electrical networks has been increasing by about 60 per day.

Several major U.S. companies have suffered ransomware attacks in recent years, including UnitedHealth Group (NYSE:UNH)'s Change Healthcare (NASDAQ:CHNG) unit in February.

"If an equivalent attack occurred that was on the scale of Change Healthcare…the impact could be completely devastating," said Kevin Kirkwood, chief information security officer at Foster City, California-based cybersecurity provider Exabeam.

Even breaches that do not directly compromise critical infrastructure could lead to significant financial losses, said Wayne Tung, managing director at Sendero Consulting.

The average cost of a data breach in the energy sector reached a global high of $4.72 million, IBM (NYSE:IBM) reported in 2022.

© Reuters. FILE PHOTO: The sun sets behind power lines above the plains north of Amarillo, Texas, U.S., March 14, 2017. REUTERS/Lucas Jackson/File Photo

Historically, election years also fuel heightened malicious cyber activity.

"With the upcoming U.S. election, we can expect a surge in cyberattacks on critical infrastructure, including utilities, energy grids, and communication networks," said Nataliia Zdrok, Senior Threat Intelligence Analyst at Binary Defense.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.