Hacking threatens energy firms most
4 Oct 2013
Energy firms and SCADA systems are the companies and technologies at highest risk of cyber attack, according to one security analyst.
Speaking in London yesterday, EMEA senior cyber-security lead Jay Abdallah said that energy companies are at the highest risk of attack, being targeted approximately 10,000 times per month by hackers.
SCADA and Industrial Control Systems (ICS) are most commonly attacked within process automation networks. Process plants running these systems have seen attacks increase by 600% in the past three years, said Abdallah, speaking at an Invensys-led event on cyber security.
Even with the most advanced security systems there is no silver bullet against cyber-attack
Jay Abdallah, Invensys cyber security
He added that he believes the best way to combat these attacks is to create a security system at the core of a business, starting with vulnerability audits, network audits and system hardening.
However, process plants will never be free of risk, he added, even if the most stringent security measures are upheld.
“Unfortunately, even with the most advanced security systems in place there is still no silver bullet against cyber-attack,” Abdallah said.
He suggested companies adopt a “prevention is better than cure” or “defence in depth” approach to ensure security systems have a variety of engines of control at its disposal. Host intrusion prevention systems are key to this control, Abdallah explained.
Although 100% security cannot be guaranteed, Abdallah said that only with complete system monitoring and management can companies be sure the maximum is being done to keep its process plants running free from attack.
