Utility workers are on strike; cybercriminals won’t be

The wave of industrial action that’s spread across the UK in recent months has now hit the utility sector.

In late March, approximately 1 400 offshore oil and gas workers voted to go on strike in a series of 24, 48, and 72-hour interruptions in a bid for better deals on jobs, pay, and working conditions.

While the strike was  limited to electrical, production and mechanical technicians as well as skilled labourers such as crane operators, scaffolders, and riggers, it could soon spread further. Even if it doesn’t, the strike and its attendant disruptions still represent a significant opportunity for cybercriminals.

It’s vital, therefore, that players in the energy sector are doing everything in their power to bolster their cybersecurity efforts, especially when it comes to things like threat detection and the protection of business-critical applications.

Bolstering protection in an already targeted sector

That need for extra protection is even more important when you factor in how much of a target the utility sector is for cybercriminals, particularly in the UK. According to IBM Security’s 2023 X Force Threat Intelligence Index, the UK was the most attacked country in Europe, accounting

for 43% of cases. Of those, 16% were directed at the energy sector, making it one of the primary attack targets for the second year in a row.

Those attacks present multiple dangers. In a worst-case scenario, they could cripple an organisation’s ability to supply electricity or gas to the respective grids. But even relatively minor business interruptions can have a deleterious impact, costing the organisation time and money. Those costs are, almost inevitably, passed on to the customer. And in the midst of the biggest cost of living crisis in decades, few customers can afford any further additions to their energy bills.

Unfortunately, the ongoing strikes only open up further opportunities for attacks in this already vulnerable industry. While cybersecurity departments are yet to join the industrial action, it does mean that fewer workers will be around for things like training and updates. It also opens up another angle for social engineering attacks, with attackers using it to spoof important emails. When those emails are opened and the links or attachments within them are clicked on and downloaded, the attackers have an “in” to the broader company system.

And once they get into the system, it becomes that much easier to target business-critical applications.

Given that around 80% of organisations have suffered one or more breaches that could be attributed to a lack of cybersecurity skills, it should be clear how the current industrial action adds to the threats faced by an industry that already has a massive target on its back.

Invest in training, use the right cybersecurity partners

That additional threat opportunity means that, even with workers out of action, organisations in the energy and broader utility space cannot afford to slow down on employee cybersecurity training. In fact, it may be more urgent than ever.

It’s also a good time for these companies to assess where they are when it comes to their internal cybersecurity teams’ capabilities and resources. Where it’s possible to improve those resources, they should do so as quickly as possible.

But energy organisations should also look at their cybersecurity vendors. A good right security provider won’t just engage in constant research around how cybercriminals are using the latest technologies and socio-economic situations to enhance their attacks but also how those technologies can be used to improve threat detection, prevention, and defence.

Given the damage that a cybersecurity attack can do to an energy company’s critical infrastructure, a good security vendor should also be proactive, something they should be proactively telling the company about too.

An ongoing battle

Ultimately, the kind of labour action that the utility sector and others are experiencing right now is unlikely to go away unless there’s a dramatic easing of inflationary pressures. And while workers might be on strike, cybercriminals most certainly won’t be. Far better than for utility companies to bolster their cybersecurity efforts now than before it’s too late.

About the Author

Mark Clark is VP Sales EMEA North at Onapsis. Onapsis protects the business-critical applications that power the global economy including ERP, CRM, PLM, HCM, SCM and BI applications from SAP®, Oracle® and leading SaaS providers. Onapsis proudly serves more than 300 of the world’s leading brands including 20% of the Fortune 100 and partners with leading consulting and audit firms such as Accenture, Deloitte, IBM, PwC, and KPMG. The Onapsis Research Labs is responsible for the discovery and mitigation of more than 800 zero-day business-critical application vulnerabilities.

Featured image: ©1st footage