APAC Ransomware Poised to Target Energy & Power

14/06/2019 16:42:49
The city of Baltimore, Maryland USA has been held hostage since May 2019 by a ransomware attack targeting the city’s Department of Public Works and shutting off email access, phones and other systems before the Office of Information Technology shut down most of the non-emergency city systems to contain the contamination. The most recent reports state that citizens are unable to pay water bills, parking tickets and driving citations since the attack, and many city workers have been forced to use personal email addresses, computers and cell phones as well as resort to a paper-based processes to complete things like real estate transactions – and some offices are completely shut down. Surprisingly, this is not the first time Baltimore has suffered such an attack, with their 911 (police and medical emergency) system being crippled by a RobbinHood ransomware attack in 2018, when the firewall was shut down for routine maintenance.

Attacks on the energy sector aren’t specific to the USA, with Europe, Japan and Australia experiencing an increasing number of attacks targeting power and energy. So what does this mean for the APAC region, the target of 35.9% of cyberattacks globally? While statistics vary, it seems that an average of 31% of APAC cyberattacks focus primarily on the financial services vertical, with attacks targeting all other key verticals (i.e. government, education, utilities, retail, etc.) pretty evenly distributed to make up the remaining 69%.

Enter, the “smart grid.” Studentenergy.com defines the smart grid as “… the modernization of the electricity delivery system. A smart grid differs from the traditional grid in that it allows two-way communication of electricity data, rather than a one-way flow. Smart grids enable real time data collection concerning electricity supply and demand during the transmission and distribution process, making monitoring, generation, consumption and maintenance more efficient.”

The first test smart grid project was constructed in just the past few years in the South Korean Jeju islands, with Japan following close behind with 4 interconnected smart grid test projects. While it didn’t catch on immediately, 17.5 million smart electricity meters were installed in the APAC region in 2017 with the biggest proponents being Japan, South Korea, India, Australia and New Zealand. Singapore, Thailand, Malaysia and the Philippines have plans to develop their own smart grids by 2020. Because the APAC region is susceptible to natural disasters like typhoons, tropical storms, earthquakes, mudslides and the like, a centralized power grid has been a pipe dream up until recently with a majority of industry funding going toward repairing aging or legacy power infrastructure – until now.

Looking forward by taking a few steps back, it’s no surprise that the United States, Europe, Japan and Australia (regions which have well established or quickly developing smart grids) are experiencing more cyberattacks targeted at their utilities and power sector. The more widespread and interconnected the power structure is – logically, the more destructive a cyberattack or ransomware attack can be – as we see in Baltimore, Maryland as we speak.

What can we in the APAC region learn from this as we prepare to move toward the same interconnected power structure and therefore the same cyber-risk? In their article, Managing Cyber Risk in the Electric Power Sector, Deloitte advises becoming “more secure, vigilant, and resilient” by addressing the people, processes and technology in use before a cyberattack cripples your regional power supply. A careful evaluation and training of employees, and the installation of an Internet Access Management (IAM) appliance could secure the network as well as restricting access to critical systems. Using an Hyperconverged Infrastructure (HCI) solution will help implement disaster recovery solutions. Deployment of Next Generation Firewall products like Sangfor’s NGAF helps to provide the needed security against cyber threats with automated visibility, O&M and real-time detection and response needed to identify potential breaches.

Why Sangfor?
Because the APAC region already leads the world in cyberattacks, the nature of cybercrime dictates that it will eventually branch out of the financial sector into the energy sector – and it’s time to get ahead of it.  Founded in 2000 and a publicly traded company as of 2018 (SANGFOR STOCK CODE: 300454 (CH)) Sangfor Technologies is the global leading vendor of IT infrastructure solutions specializing in Network Security and Cloud Computing. Visit us at www.sangfor.com and get in touch with Sangfor Technologies today to see what we can do to custom build your IT solutions to your power problems.

Our Social Networks

Global Service Center:

COPYRIGHT © 2000-2019 SANGFOR TECHNOLOGIES INC. ALL RIGHTS RESERVED.