By reinforcing their digital security, organizations in the Canadian power sector can defend themselves against some of the dangers.

Fremont, CA: Attackers are increasingly focusing their efforts on energy organizations, particularly those that underpin national electric grids. Worldwide, utilities have been subjected to distributed denial-of-service (DDoS) assaults, which are increasing year after year. Whether a cyberattacker's objective is financial, economic, national security, or industrial damage, essential infrastructure such as the power grid might be an obvious target.

The current state of digital security for Canada’s energy sector:

Fraud and ransomware

The majority of observed cyberattacks on Canada's electrical businesses have featured ransomware and fraud. The latter type of attack has included the theft of critical information about a victim organization's business operations and consumers. The Cyber Centre anticipates that these types of threat operations will continue in the future. This prediction is based in part on the Cyber Centre's judgment that ransomware perpetrators are continuing to perfect their products' ability to propagate across IT networks and breach Industrial Control Systems (ICS).

Supply chains and MSPs are enticing initial targets

Electric utilities rely on supply chains and managed service providers (MSPs) to maintain, update, and expand grid capacity. Malicious actors are aware of this, which is why the Cyber Centre anticipates that sophisticated actors will continue to target supply chain companies and MSPs supporting the Canadian energy sector in the coming years.

IT-OT convergence is making ICS vulnerable

Historically, Information Technology (IT) and Operational Technology (OT) were separate, with teams operating in silos. This has shifted as a result of organizations' digital transformations. Organizations are linking their ICS and other operational technology assets to web-connected IT devices such as sensors in order to gain more visibility into, and thereby optimize, their industrial operations. The issue is that many of those OT assets are legacy devices that were created prior to the advent of modern IT threats. As a result of this IT-OT convergence, these industrial assets are now vulnerable to cyberattacks.