Dj Das is founder and CEO of ThirdEye Data.
In April, hackers successfully breached the networks of a Canadian gas pipeline. Once in, they were able to increase valve pressure, disable alarms, and make emergency shutdowns. An attack at this level is unprecedented, but the reality is the energy sector is increasingly exposed to malicious players.
One report already shows that the energy industry is a top target for cyberattacks. Energy is essential to communities, and part of the reason that the sector is so attractive to criminals is that they hold substantial leverage if they compromise networks. In 2015, for example, a hack on a power grid in Ukraine saw a quarter of a million inhabitants lose electricity.
- In 2022, 10.7% of observed cyberattacks targeted the energy industry.
- More than 75% of energy companies are vulnerable to ransomware attacks because their account credentials are readily available online.
- Cyber attacks cost the energy sector $4.72 million per breach on average in 2022.
The risk posed to the energy sector is exacerbated by its infrastructure. Much of the operational and informational technologies responsible for running energy systems haven’t been engineered for today’s digital environment – and this disconnect creates gaps in energy systems that hackers can take advantage of. Moving forward, energy organizations need to update their defensive toolkit to more accurately identify vulnerabilities, detect foul play, and strengthen authentication steps.
It starts with artificial intelligence.
Strengthening the overall energy cybersecurity chain
The energy sector’s defense against hacks is only as impactful as its weakest contributor. All players need to implement smart solutions that construct a collective front and ensure inefficiencies are addressed quickly. With a stronger security net over the entire energy sector, hackers won’t be able to carry out attacks on a large scale and therefore lose a lot of their leverage.
Using AI, energy companies can detect and monitor threats in their operating technologies. Insights can also be shared across companies, helping educate organizations about emerging attacks and how to thwart them. AI can also process the huge swaths of data that energy companies have and generate valuable outcomes for cybersecurity. For example, data around system usage, historical performance, and behavioral trends could suggest when an attack would happen and at what localized point of the network. Machine learning algorithms can equally be trained to recognize patterns and anomalies in data, and in response, can alert an operator or even automatically shut down designated system components.
As AI becomes more affordable and versatile, energy companies of all sizes can apply and scale it within their business. And, with more players integrating AI, takeaways around cybersecurity will be more informed and more effective as a protective measure.
Automated AI for the highest level of protection
Automation is at the core of good cybersecurity. Energy companies need to know that they have high-quality defenses in place on a continuous basis. Rather than spend large amounts of time on manual reviews, AI can keep atop of cybersecurity maintenance by providing real-time, autonomous protection against the likes of zero-day threats (which exploit bugs or access in software).
This automated AI doesn’t affect efficiency in energy companies’ workflows either — there is no downtime in processes, and issues due to human error are removed. Open AI is a prime example. Language models like the ones at Southern California Edison can be used for various applications in the field of cybersecurity, including threat intelligence, log analysis, and real-time incident response, all without interrupting daily technical operations.
What’s more, automation can be the bridge between legacy hardware, remote assets, and new technology in the energy sector. Instead of having these resources operate in silos — and create more entry points for hackers — AI offers a unified shield, and can be retrofitted to ensure that all equipment has the most up-to-date cybersecurity. Especially among legacy hardware, which is more likely to break and can be expensive to replace, automated AI solutions bring the equipment’s defenses up to par with modern hardware.
AI considerations for comprehensive security coverage
AI is evolving, and so too is the energy sector’s application of it. Companies can’t assume that they can introduce AI and take a step back from cybersecurity — they need to stay atop of challenges in order to be better prepared to respond to them. The result is more streamlined security in the most pressing moments.
For instance, energy organizations need to track and carefully select the data that they use to fuel AI. The quality of data is far more important than quantity of data, and companies should take care not to fuel AI with information that could produce misleading or inaccurate conclusions and negate cybersecurity actions. That’s why energy firms need dedicated AI teams that review how AI is driven and where data can be refined.
Energy consumption is also a factor in AI application. AI consumes a lot of electricity, and in the energy sphere where companies understand the importance of efficiency, players have to balance essential and advanced cybersecurity with a sustainable financial and environmental impact.
Meanwhile, compliance has to be a priority for AI adopters in the energy sector. Regulation around AI is still developing, and governments are set to implement greater structure around it in the future. Organizations subsequently need to stay aware of their legal and ethical obligations and take an agile approach to AI that enables them to adjust how they use it, without losing its benefits.
Cybersecurity lapses in the energy sector can have severe repercussions for the companies themselves and the general public. It is urgent that AI be used to safeguard energy infrastructure, as well as to shape general practices that boost the health of energy firms. Organizations that embrace AI now not only heed the warning from the Canada pipeline hack, they establish more robust cybersecurity for the long term.