News
OT Cyber-Attacks in Transport and Energy Sectors on the Rise
September 2022 by Ralph Chammah, CEO of OwlGaze
While most cybersecurity attacks are agnostic of the industry, impacting both IT (information technology) and OT (operational technology) there has been an alarming rise in the number of OT cyber-attacks on transport and energy businesses over the last month, with too many companies woefully underprepared and responding to attacks on a reactive, ad hoc basis, argues Ralph Chammah, CEO of OwlGaze.
“Only earlier this week, Go-Ahead, one of Britain’s largest public transport companies and London’s biggest bus operator, was the victim of a “cyber security incident” that affected the software it uses to schedule bus services and manage its drivers’ payrolls in London and throughout the UK,” says Chammah.
“The news hit the headlines, as the threat of major disruption to the company’s 2,400 buses in London could easily have caused chaos across the capital’s public transport infrastructure. And while Go-Ahead confirmed that its operations were disrupted, and the company reported the cyber-attack to the relevant regulators, including the Information Commissioner’s Office (ICO), it has not shared any more details of the attack, other than to issue a generic press statement to say that it had ‘immediately engaged external forensic specialists’ and that it was working with a security company to restore the affected parts of its systems from backups.
“The Go-Ahead cyber incident is merely the latest in an increasing number of high-profile cyber-attacks on the operational technology (OT) sector, with attacks on both transport and energy companies becoming, worryingly, all-too-frequent. Italy’s National Cyber Security Agency issued a warning last week that cyber attack’s on the country’s energy operators and infrastructure were rising and that there was an urgent need ‘to raise the levels of protection of digital infrastructure of energy operators, constantly updating them in line with the most recent threat information’.
“We are finding that many energy and transport businesses - that form the backbone of vital national public infrastructure - are woefully underprepared when it comes to cybersecurity. Organisations need to monitor their security controls constantly and proactively in line with all the most recent threat information. Which is something that can be done easily and cost-effectively with the latest advanced artificial intelligence (AI) that detects, adapts, and updates the necessary algorithms based on all threats to the company.
“Also, it’s worth remembering that energy and transport companies are not only responsible for critical public infrastructure – which means that cybersecurity vulnerabilities can potentially have a direct impact on the safety and security of millions of peoples’ lives – but they also deal with highly sensitive and private customer data, which is also at threat from the types of “cyber security incident” that we’ve seen in the UK and Italy in recent weeks.
“Like most of today’s businesses, energy and transport organisations are dealing with millions of cyber threats daily, highlighting the urgent need they have to use next-gen Security Information and Event Management (SIEM) software and User and Entity Behaviour Analytics (UEBA) technologies to increase their visibility of an increasingly complex threat network. Intelligently automating their internal and external threat monitoring and detection processes means they can identify and counter any potential threats before they become victim to a costly and potentially catastrophic cyber-attack.”
