Issue 3: Getting ahead of the threat-scape

by Smart Grid Forums on March 2, 2021

Cyberweekly No.3

Many thanks to all those who took part in our survey last week testing the cyber-awareness temperature of power grid technical workforces. We received 41 responses with 27% from utilities, 47% from technology suppliers, and 26% from industry advisors.

The good news is that 78% of participants believe their organisations are either in-line with or ahead of the threat landscape. 38% think that the Solar Winds attack on US government systems has had some influence on their cybersecurity roadmap. A whopping 95% feel that cybersecurity is now everyone’s business and that technical workforces must be cyber-educated and qualified as a core component of their roles going forward, in much the same way as H&S is. 75% feel that their existing organisational cyber-awareness programmes are either very effective or quite effective, and so on the face of it we appear to be operating on a fairly level playing field with the hackers.

However, when we break these figures down further it becomes apparent that to regain complete authority over the grid as we transition deeper into the digital age, it will be crucial for us as an industry to get ahead of the threat-scape, and that our organisational cyber-awareness programmes become very effective. At this moment in time only 22.5% of respondents believe their organisations are ahead and only 17.5% feel that their cyber-awareness programmes are very effective.

So, how do we bridge this gap and get ahead of the threat? Some of the suggestions that came through the survey include: the need for the Board to own the cyber-awareness programme and to allocate more budget to it. The need for more frequent, structured, and officially certified programmes that are made available to a wider range of power grid employees. And the need for creating a central repository of cybersecurity incidents and success stories worldwide, to inform, inspire and empower technical workforces and make cybersecurity a core component of their roles.

We know that Covid-19 has initiated a permanent migration of power grid employees to working from home and using their personal devices for work purposes, massively expanding the attack-surface, and leading to a 600% rise in cyber-attacks in the last year!

We know that Drive-by-wireless attacks are on the rise as more people work from home. We know that Ransomware attacks continue to be the number one threat to the power grid along with supply chain attacks and social engineering. We know that cyber-stalking of technical workforces to elicit confidential information is on the rise. And we know that today’s gold-standards in practices such as MFA will be tomorrow’s open doorway into power grid systems as hackers work around the clock to become wise to their loopholes.

Finally, we know that launching a cyber-attack no longer requires sophisticated skills honed over many years or expensive equipment accessible to very few. Sadly Crime-as-a-Service is now being made available on the Dark Web enabling just about anyone with the motivation and risk appetite to launch an attack at any time!

So, what can power grid professionals do on a mass scale to not only level the playing field, but to regain complete authority over the grid as we go deeper into the digital age? The good news is that many of the battles ahead of us have already been won in other sectors such as Banking and Healthcare with important lessons that are fast becoming relevant and applicable to the power grid.

Please enjoy this week’s selection of news, views and resources below, and feel free to share this newsletter with colleagues in other departments, and peers in other organisations.

Kind Regards,

13491583329318294

Mandana White
CEO | Smart Grid Forums

 

News, Views & Resources

ARTICLE: Deloitte. Covid-19’s Impact on Cybersecurity

From our Cyber Intelligence Centre, we have observed a spike in phishing attacks, Malspams and ransomware attacks as attackers are using COVID-19 as bait to impersonate brands thereby misleading employees and customers. This will likely result in more infected personal computers and phones. Not only are businesses being targeted, end users who download COVID-19 related applications are also being tricked into downloading ransomware disguised as legitimate applications.

To read the article click here!


ARTICLE: Standard Chartered. Crime-as-aService

For criminals, CaaS offers access to all manner of digital resources needed to commit cybercrimes, such as malicious software (malware), botnets (networks of computers infected with malware), hacking specialists, databases of stolen personal information, penetration testing of potential targets, open source research, and much more. As in the legitimate business world, CaaS facilitates specialisation by providers; leading to improved quality due to competition, increased market penetration through resellers, and a reduction in resources and skills barriers to entry for aspiring cybercriminals.

To read the article click here!


REPORT: Webroot. Social Engineering. Types of Phishing Attacks You Need to Know to Stay Safe

Phishing has evolved from a single technique into many highly specialized tactics, each adapted to specific types of targets and technologies. Boiled down, all these tactics exist for the same purpose - to swipe confidential information from an unsuspecting target in order to extract something of value. But knowing about the hugely diverse set of today’s phishing tactics can help individuals be more prepared for the inevitable instance when they become the target.

To read the report click here!


VIDEO: KnowBe4. Multi-Factor Authentication.

Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, un-hackable solution. It isn't! Join Roger A. Grimes, KnowBe4's Data-Driven Defence Evangelist, and security expert with over 30-years’ experience, for this webinar where he will explore 12 ways hackers can and do get around your favourite MFA solution.

To watch the webinar click here!


VIDEO: Drive-by Wireless Attacks. Hacking Computers from Blocks Away With a Wi-Fi Duck

The USB Rubber Ducky is a famous hacker tool that allows quick exploitation of a target computer, provided you know what script you want to run in advance. We’ll try out a new tool called the Wi-Fi Duck that allows a hacker to connect and run payloads from up to blocks away. This allows hackers to run USB Rubber Ducky like scripts without needing to know what kind of computer they’re hacking in advance.

To watch the video click here!

 

CyberAware Webinar Series

Screen Shot 2021-03-02 at 13.49.00

Watch this space for more detailed programme and registration information for this
complimentary webinar series from: Monday 1st March 2021

 
 
 
 

Topics: CyberAware