By definition, ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid (Oxford Languages). Many businesses, including utility companies, have been victimized by ransomware. In fact, 2020 saw the largest increase in global ransomware attacks to date. Specifically, Purplesec.us published the estimated cost of ransomware attacks at:

  • $8 billion in 2018;  
  • 11.5 billion in 2019; and 
  • $20 billion in 2020.

There are so many new ransomware attacks that it can be very difficult to keep track of them. According to the graphic below, published by Cloudwards.net, the top three types of ransomware in 2020 were: 

  1. Revil; 
  2. Maze; and 
  3. Phobos. 

Why is ransomware so prevalent, and who are the attackers? Ransomware kits can be purchased on the dark web, some at very reasonable prices. Groups in Russia, Iran, China, and North Korea are often suspects in ransomware attacks, and the United States is typically the most targeted country. 

Utility Systems Vulnerable to Attacks 

In 2020, several utilities were hit by ransomware attacksIn December 2020, The City of Independence, Missouri was breached making it impossible for customers to pay their utility bill online. It also caused a delay in bills being received in the mail. Customers were unable to reach the utility, because the phone lines were backed-up with inquiries and there wasn’t enough staff for the sudden influx of calls. The attack resulted in technical difficulties and disruption to multiple services. Thankfully it was stopped before it could infect the entire City network. As of January 8, 2021, they are still trying to recover and get back to normal billing cycles. Customers are just beginning to receive their bills, representing their past 60 days usage. Earlier in the year, Reading Municipal Light Department (RMLD) was infected in a similar way 

And it’s not just customer data that is vulnerable. Another attack at an unnamed U.S. natural gas compression facility resulted in a two-day shutdown. This demonstrates the vulnerability of utility infrastructure. In the case of energy, vulnerabilities are growing because of security gaps that are created when utilities move to leverage data analytics, artificial intelligence, and balance the grid with intermittent renewable energy and distributed power generation. 

The article, “Utilities Vulnerable to Cyber Attacks, Finds Study” summarizes a research study conducted by Siemens and the Ponemon Institute that assessed the industry’s risk, readiness, and opportunities to secure utility systems and infrastructure. In the article, Randy Bell, director of the Atlantic Council Global Energy Center, was quoted as saying,  

“Increasing electrification across a range of sectors is a crucial piece in the decarbonization puzzle, but, as the Siemens and Ponemon Institute report documents, an increase in grid-connected infrastructure creates additional vulnerabilities to cyberattacks. A devastating attack would not only harm the economy, but it could also slow down the rate of electrification. This report provides recommendations to help utilities better address these risks. Getting this right is not only important for the security of our electricity system, but also for achieving our climate goals.

Protecting Your Organization and Customers 

Every organization needs to create a customer-centric culture that puts customers at the forefront of all decisions. This includes prioritizing cybersecurity to protect customer data, and infrastructure that enables the delivery of reliable and safe services. A solid, modern cyber defense strategy is imperative, along with a culture where customer-centricity and cybersecurity are leading priorities.  

Because this represents a difficult shift for most utilities, making this change includes honestly evaluating operational processes and procedures, and fixing what is inadequate, including leadership deficienciesThis topic is thoroughly explored in the ondemand panel session, Cleaning Up Operational Clutter to Build a Customer First Company 

Investments in talented, cybersecurity experts are critical for protecting assets and mitigating risk. Continually educating your employees about cyber hygiene is also critical, because it’s a moving target and an easy path in for a cyber-attack. 

Yes, vulnerabilities and attacks are on the rise in a big way. But, utilities who adopt more customer-centric cultures—with cybersecurity a leading priority—can reduce the number of attacks that make their way through.  

Dig Deeper 

PowerSession – 2020-09 – Bulk Power Cybersecurity | Energy Central

When will a ransomware attack impact the Bulk Electric System? 2018 | Energy Central

Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events | NCCoE & NIST

Utilities Face Growing Ransomware Threat as Hackers Improve Strategy | UtilityDive

Ransomware Prevention Special Report: How to Address a Pervasive and Unrelenting Threat | SANS