In fiscal year 2014, there were 79 hacking incidents at energy companies that were investigated by the Computer Emergency Readiness Team, a division of the Department of Homeland Security. There were 145 incidents the previous year.
The outermost defenses aren’t holding up. Between April 2013 and 2014, hackers managed to break into 37% of energy companies, according to a survey by ThreatTrack Security.
Cybersecurity firm FireEye (FEYE) identified nearly 50 types of malware that specifically target energy companies in 2013 alone, according to its annual report. Energy firms get hit with more spy malware than other industries, according to a 2014 study by Verizon(VZ, Tech30).
In March, TrustedSec discovered spy malware in the software that a major U.S. energy provider uses to operate dozens of turbines, controllers and other industrial machinery. It had been there for a year — all because one employee clicked on a bad link in an email.
And just last month, CERT revealed that a Russian malware called BlackEnergy had found its way onto the software that controls electrical turbines in the United States.
Investigators didn’t see any attempts to damage or disrupt machines. But the malware gives hackers a backdoor to plant destructive code in the future.
So far, no computer virus has shut down any portion of the grid. But hackers are still breaking in, giving them the potential to flip switches off.
“Our grid is definitely vulnerable,” said David Kennedy, TrustedSec’s CEO. “The energy industry is pretty far behind most other industries when it comes to security best practices and maintaining systems.”
