'You have the baddest of the bad guys after you': Cyber threats in the energy sector

VideoThe East of England Energy Group SNS2018 conference. (L-R) Ian Bramson, head of strategic cyber solutions at Siemens; Jim Crawford, Sizewell C project development director at EDF Energy; and Kevin Magee, director of Proeon Systems. Picture: Keiron Tovell

The East of England Energy Group SNS2018 conference. (L-R) Ian Bramson, head of strategic cyber solutions at Siemens; Jim Crawford, Sizewell C project development director at EDF Energy; and Kevin Magee, director of Proeon Systems. Picture: Keiron Tovell

Keiron Tovell

The UK’s energy infrastructure is becoming an increasingly common target for hackers, according to cyber security experts.

[embedded content]
Operational technology (or OT), often less well protected than IT systems, is one of the easier targets for cyber criminals but could have dire consequences – with attacks having the ability to slow down or stop energy generation.

Speaking at the SNS2018 conference organised in Norwich by the East of England Energy Group (EEEGR), Ian Bramson, head of cyber security and solutions at Siemens, said businesses have never been more dependent on their own ability to deal with cyber threats. He believes attacks on the energy industry are becoming “more frequent and more potent”. “You are part of critical infrastructure.

You now have the biggest and baddest of the bad guys coming after you,” he said. “You cannot maintain the benefits of automation or digitisation without understanding cyber security. It is like running a fast car with no brakes – you will go fast but you will not go far.

“OT is where the attackers are now going, to the pumps, the transportation systems. They can steal your data, but they can also shut you down, or blow you up, or slow you down so they can manipulate energy markets.” He added: “Cyber security went from the basement to the board room and now it is going to the customer – it is something you are going to be assessed on that is going to impact your value.”

Kevin Magee, director of Proeon Systems, a safety and control systems supplier based at Hethel Engineering Centre, said an “obsession” with putting objects and machinery on to wireless networks was opening up more vulnerabilities. Less secure access procedures and legacy equipment, which is more difficult to patch, were compounding the problems, he said. “Information on control systems is often publicly available, and a lot of the equipment is based on commercially available, off-the-shelf equipment.

These things taken together present a whole pile of risk,” he said.

The EEEGR SNS2018 conference will see 1,300 industry representatives gather at the Norfolk Showground.

It continues today, with talks on offshore wind and decommissioning.

You may also like...