Energy suppliers are particularly vulnerable from cyber attacks because of the industrial control systems they use, according to new research.
The report, Advanced Cyber Attacks on Global Energy Facilities, was compiled by risk assessors Marsh Risk Management.
According to the company, it is only a matter of time before a power supplying firm is hit hard by a major hacking incident.
It says this vulnerability is a result of widely-adopted Internet control systems (ICS) that are designed to cut costs and improve efficiency, leading to a disproportionate number of cyber attacks against energy providers.
“Open ICS have integrated controls that are linked with other information technology networks, giving hackers the opportunity to gain access through back doors and exploit system weaknesses to their advantage,” claimed Andrew George, chairman of Marsh’s Global Energy Practice.
“A successful attack on computer control or emergency shutdown systems, even at a small refinery, petrochemicals or gas plant, could result in estimated maximum loss as a result of fire or explosion worth hundreds of millions of dollars,” he added.
George also warned that production has already been disrupted and computer hardware destroyed by cyber criminals to date, claiming that it isn’t for lack of trying that there has yet to be a major disaster.
He recommends that companies within the power sector collaborate to create a universal solution to protect against the threat of attacks by focusing on preparing scenarios and then identifying, responding to and containing these attempts.