Rising Threats and Rising Costs

The utility network in Australia is undoubtedly critical to our nation, with powerlines spanning over 5,000km from Port Douglas to Tasmania – one of the world’s longest single electricity grids. The rise in cybercrime, combined with impact assessments from global case studies, indicate that a targeted attack against a major Australian critical infrastructure provider could occur at any time. Both the opportunity and the incentive for such an attack are significant, but the ability of Australian utilities to prevent, detect or respond to such an attack is low.

The industry is undergoing a huge transformation, integrating technology to increase performance and profit in a challenging political, regulatory and operational environment characterised by new competitors and a swathe of market disruptors. From Artificial Intelligence (AI), Internet of Things (IoT), to smart grids and microgrids, energy providers in Australia are increasingly experimenting with new technologies connecting IT, energy management systems and consumers.

This digitisation is set to continue as new regulatory and commercial pressures squeeze margins while community expectations for reliability, transparency and high standards of supply remain high. This increasingly digitised network is creating new security vulnerabilities and widening the threat landscape.

The industry is a prime target for cyberattackers to inflict serious damage and disruption, from lone wolf cyber criminals to nation state actors, seeking both political and financial benefits, as explored in Accenture’s recent whitepaper, Securing Critical Infrastructure. Regardless of the source or the motive, a successful attack on our grid could result in major power outages, completely disrupting life as we know it. As such, the threat of cyberattacks on our power infrastructure is a cause of major concern for operators and the government, especially with recent incidents globally in Norway, Ukraine and South Africa.

Global cybercrime incidents in the utility industry have increased by 67 per cent in the last five years, according to Accenture’s Cost of Cybercrime 2019 research, reflecting the increased vulnerabilities. Of all industries surveyed by Accenture, the utility industry has the highest cost of cybercrime, an average of US$17.84 million per year.

With cybercrime increasing so significantly, it’s important we look at what has been done, and what could be done better to make sure the industry (and our nation) is safeguarded against these rising threats.

The cost of cybercrime to a utility business is growing – denial of service (cyberattacks designed to render a computer or network service unavailable to its users) can cost up to $207,000 a year and malicious code up to $182,000 for utility businesses to resolve. The average cost of cybercrime for a utility organisation increased by 12 per cent over the last year, putting the economic value at risk over the next five years at $219 billion dollars.

However, cybercrime’s biggest casualty is not financial losses but rather the unsalvageable consequences of losing valuable information. In the face of new regulations such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), the hazards of information loss are an ongoing concern. Future incidents of information loss (theft) could have significant financial impact if regulators choose to impose fines.

It’s important that utility businesses invest in preventing information loss and business disruptions through secure, resilient cybersecurity. To do so, they should focus their resources on discovering and managing attacks such as denial-of-service, malicious insider and malware and the use of data loss prevention technologies.

We can’t place too much emphasis on the importance of protecting our people. The utility sector’s greatest vulnerability is its people, leading to an alarming number of cyberattacks. While the study revealed organisations are investing in some protection, the concern is that the increase is not enough to cope with fast growing cyberattacks like phishing.

To ensure understanding and awareness of cybersecurity is embedded within a business and remains effective against insider threats, an organisation must bring together all its departments, including human resources, legal, development, security and IT, to take part in regular training and education. By working closely together, businesses will strengthen any weak links in the business and combat the growing threat in the human layer.

As the number of cyberattacks grow, so do the discovery costs. Businesses must face the reality that preparing for the cost of cybercrime is not a choice, but a requirement if they expect to maintain strength and sustainability in a landscape of growing cyber threats.

Businesses must be proactive by investing in the technologies to investigate and discover cybercrimes. The adoption of AI, machine learning and automation is a smart way to manage the rising cost to discover attacks.

By being proactive – not reactive – in the adoption of smart and adaptable technology, businesses will significantly minimise risks across all layers of business.

The utility industry will need to work proactively and intelligently if it wants to combat the growing threat of cybercrime. Here are three key steps all utility organisations must respond to immediately if they believe in the importance of growing their cyber resilience:

1. Protect your greatest asset – information – through focused discovery management and prevention technologies

2. Place greater emphasis on protecting people through a collaborative effort in the business

3. Be proactive, not reactive, by investing in discovery technology to manage threats across the business to prevent information loss and business disruption which are growing concerns

Australian utilities can no longer ignore the harsh reality of cybercrime – it’s evident that it’s a case of ‘when’, not ‘if’ they will face a major attack. The time for utility businesses to increase their cyber resilience is now.