Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Utilities Fear Cyberattacks Could Cause Electric Grid Disruptions: Survey

Many utility executives from around the world believe cyberattacks could cause disruptions to electric distribution grids in the next five years, according to a report published on Wednesday by professional services company Accenture.

Many utility executives from around the world believe cyberattacks could cause disruptions to electric distribution grids in the next five years, according to a report published on Wednesday by professional services company Accenture.

Accenture conducted a survey of more than 100 utility executives from over 20 countries in Europe, North America, Asia Pacific and other regions. The respondents were decision-makers in processes related to smart grids.

The study shows that nearly two-thirds of respondents are concerned that there is at least a moderate risk of a cyberattack causing disruptions to electricity supply in the next five years.

Electric distribution grids face cyberattacks

Accenture found that 57% of respondents are concerned that a cyberattack would result in interruption to electricity supply, while 53% are worried about its impact on employee and/or customer safety.

Roughly half of respondents are concerned about theft of sensitive customer or employee data, and theft of company data and intellectual property. Ransomware and destruction of physical assets are also among the top concerns.

“A typical distribution grid has neither the size of a transmission network nor the same risks of cascading failure,” Accenture said in its report. “However, distribution grids have the same vulnerabilities and, as a potentially softer target, could be increasingly subject to attack. Breaches by a wide range of potential attackers could have devastating impacts along the entire electricity value chain, from generation through to consumers. A successful attack could erode public trust in the utility and raise questions about the security of all devices along the value chain.”

Related: Learn More at SecurityWeek’s 2017 ICS Cyber Security Conference

On a global scale, cyberattacks conducted by state-sponsored actors, including their own government, are considered the biggest risk to distribution networks. This is also the greatest concern in North America, but cybercriminals are seen as the biggest threat in Europe and the Asia Pacific region.

Advertisement. Scroll to continue reading.

The study also shows that utility executives are concerned, at least to some extent, about the risks posed by the Internet of Things (IoT) devices found in consumers’ homes.

Despite concerns, more than 40% of respondents said their organizations did not fully integrate cybersecurity into their risk management processes.

Nearly one-third of respondents believe improved threat identification and sharing across the industry would have the greatest impact on their cybersecurity capabilities. Others believe the biggest impact would come from clearer understanding of OT implications for cybersecurity (20%), training and risk awareness (15%), a holistic security program (12%), a risk management framework incorporating cybersecurity (11%), and clear cybersecurity governance and roles (10%).

Related: Injection Attacks Common in Energy and Utilities Sector

Related: Energy Management Systems Expose Devices to Attacks

Related: Iranian Hackers Target Aerospace, Energy Companies

Related: U.S. Energy Department Invests $20 Million in Cybersecurity

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...