Threats of cyber attacks on North America’s electric network systems are growing, industrial cybersecurity firm Dragos said in a new report this week.
This year, the firm has identified two groups, Magnallium and Xenotime, which are increasingly probing to compromise electric assets in North America, expanding their targeting from the oil and gas sector to include electric assets.
“This underscores the trend in threats expanding from single-vertical ICS operations to multi-vertical ICS operations we observe from adversaries targeting industrial entities,” Dragos said in its report.
Another group, Parisite, identified in 2019, has been focusing on exploiting vulnerabilities in remote connectivity services and virtual private network (VPN) appliances to gain initial access to target industrial control systems (ICS) networks, Dragos said.
“The complete “energy infrastructure sector” (e.g., electric, oil and gas, etc.) of all countries are at risk as companies and utilities face multiple well-resourced ICS-focused adversaries,” Dragos says.
Cyber security experts, however, are not panicking because they believe that the power sector and grid networks, especially in North America, are beefing up their security and are more prepared to withstand cyber attacks.
“There’s an incredible amount of awareness, a lot of work and a lot of dedicated people who are focused on that problem every day,” Bernie Cowens, who was vice president and CISO of Pacific Gas and Electric in California, told Information Security Media Group in an interview.
Last year, Microsoft security researcher Ned Moran said that an infamous Iranian hacker group may be targeting industrial control systems to cause major disruptions in power grids, oil refineries, and other physical energy assets, in an apparent sharpened focus on cyber warfare on critical industries.
The U.S. is looking to strengthen cyber security at critical energy infrastructure. The U.S. Department of Energy is awarding millions of US dollars in research and development of next-generation tools and technologies aimed at improving the cybersecurity of the critical American energy infrastructure, including the electric grid and oil and natural gas infrastructure.