Securing Utilities in the Age of Digital Transformation

Ensuring the reliability and safety of water, gas, and electricity supply to homes and businesses is fundamental to every utility's operations, but these principles are becoming increasingly threatened by the digital world.

Traditionally siloed water, gas, and electricity networks are undergoing a digital revolution, embracing technologies for real-time control and monitoring. This newfound connectivity, driven by investments in digitisation and automation, such as the Industrial Internet of Things (IIoT), is transforming operations.

The double-edged sword of digitalisation
While efficiency gains are undeniable, hyperconnectivity increases the potential surface of attack for cybercriminals. This vulnerability is further amplified by legacy infrastructure and outdated control systems, often with known weaknesses that hackers can exploit.

Compounding this challenge, network operators face a staff and skills shortage, making it difficult to manage cybersecurity risks alongside other essential investments – and utilities are a prime target for malicious actors as they provide critical services and disruptions can have widespread consequences.

Connecting utilities with cybersecurity experts
Concerns regarding the security of Europe's energy infrastructure and water networks have been steadily mounting in recent years. This growing apprehension was evident to Mediapoint & Exhibitions, the organisers of Pipeline & Gas Expo, as both visitors and exhibitors have expressed heightened alarm about the escalating frequency of cyberattacks targeting critical infrastructure, including gas, water, and power utilities, and the significant risks to safety, supply chain continuity, and economic stability.

Recognising the pressing need to address cybersecurity challenges within the industry, Mediapoint & Exhibitions is launching CYBSEC-EXPO, a new cybersecurity exhibition and conference, which will take place alongside Pipeline & Gas Expo 2024 at Piacenza Expo in Italy from 29th–31st May. This exhibition and conference will connect participants with cybersecurity experts and solution providers to foster collaboration and progress in safeguarding gas, water, and power utilities from escalating cyberthreats.

"The future of Europe's energy and water security hinges on our collective ability to address the ever-evolving threat of cyberattacks. CYBSEC-EXPO is a testament to our commitment to empowering utilities with the knowledge and solutions they need to future-proof their infrastructure. By bringing together the industry's brightest minds, we can ensure that our utilities remain resilient and prepared to meet the challenges of tomorrow," says Fabio Potestà, director of Mediapoint & Exhibitions.

The rise of cyberattacks on utilities
Quantifying cyberattacks on European utilities is a complex task. Under-reporting due to reputational concerns or ongoing investigations, and the broad scope of the term ‘cyberattack’ encompassing everything from infiltration attempts to disruptions, make it difficult to pinpoint the exact number of attacks.

However, the number of reported cyberattacks globally is on the rise, with hackers developing increasingly sophisticated methods. According to the International Energy Agency, the average number of weekly cyberattacks against utilities worldwide more than doubled between 2020 and 2022, reaching an average of 1,101 attacks per week in 2022.

The devastating consequences of cyberattacks
Many of the attacks reported in 2022 led to the shutdown of internal IT systems and/or resulted in data theft or data leaks, such as those experienced by Italian energy and utility company Gruppo Dolomiti Energia, the German subsidiary of Russian energy giant Rosneft, Spanish energy company Iberdrola, UK water supplier South Staffs Water, and Greece's largest gas distributor DESFA.

Alongside service disruptions or financial losses, vital customer data, including names, addresses and social security numbers, could be stolen and sold on the dark web, posing significant privacy risks, and increasing the likelihood of identity theft. Furthermore, these incidents can inflict severe reputational harm on utility companies. Public trust is paramount for utilities, and a cyberattack can erode this trust, resulting in customer churn and difficulties in attracting new business.

When hackers target operational systems
There’s also the concern that hackers could breach the control systems (SCADA) of operating technologies (OT), enabling them to manipulate pressure levels, introduce contaminants, or entirely shut down utility networks. Such breaches could result in critical shortages of water, gas, or electricity outages, and pose imminent threats to public safety. For instance, altering pressure or flow rates within a gas pipeline could trigger catastrophic explosions, while contaminating water networks with pollutants or pathogens could pose severe health hazards.

Moreover, the ramifications could cascade further. A cyberattack targeting one utility could potentially affect others interconnected within the network, setting off a chain reaction of widespread disruptions. The subsequent task of repairing the damage, restoring services, and compensating for lost productivity would incur substantial financial losses.

Instances of cyberattacks on OT in utilities may seem less frequent than those targeting their IT systems, but they are certainly not unheard of. For instance, while the ransomware attack on South Staffs Water in the UK in 2022 primarily targeted the IT network, the perpetrators claimed to have also accessed the OT network, particularly the systems responsible for monitoring chemical levels in the water. Similarly, in 2021, a hacker attempted to dangerously elevate the sodium hydroxide levels in a municipal water supply in Florida, USA, while cybercriminals in 2020 endeavoured to increase chlorine levels at several Israeli Water Authority facilities.

More recently, in October 2023, when a leak occurred in the 77 km long Balticconnector gas pipeline connecting Finland and Estonia beneath the Gulf of Finland, following an unusual drop in pressure, Finland's intelligence services launched an investigation to determine whether the incident might have been the result of a cyberattack.

"While the digital revolution presents incredible opportunities for efficiency and innovation in the utility sector, it also introduces new vulnerabilities – and the escalating cyberthreats facing Europe’s utilities are a critical challenge demanding immediate action. Together, at CYBSEC-EXPO, the industry can collaborate to address and stay ahead of these risks, helping to ensure the continued safe and reliable delivery of essential services that European citizens depend on every day," Potestà concludes.

The first edition of CYBSEC-EXPO will take place 29th–31st May 2024 at Piacenza Expo in Italy.