1. Forum
  2. FidoNet
  3. POLITICS

  • The US energy sector is b

    From Mike Powell@1:2320/105 to All on Thu Dec 12 10:44:00 2024
    The US energy sector is being put at risk by critical third-party vulnerabilities

    Date:
    Wed, 11 Dec 2024 22:03:00 +0000

    Description:
    Interconnected nature of energy sector makes it particularly susceptible to cyberattacks.

    FULL STORY

    New research has claimed significant vulnerabilities are plaguing the US
    energy sector - with a worrying amount stemming from third-party weaknesses.

    A recent report by SecurityScorecard and KPMG based on a survey of the 250 largest US energy companies claims third-party risks account for 45% of breaches, with 67% of breaches in this sector linked to software and IT vendors.

    The data shows the US energy sector has a critical reliance on third-party services for cybersecurity.

    Escalating cybersecurity threats

    The report also highlights a notable disparity between oil and gas companies and their renewable energy counterparts. Oil and gas companies generally
    score better in cybersecurity, with many earning an A rating, reflecting
    their relative strength in addressing cyber threats. In contrast, renewable energy firms lag behind, receiving an average score of B."

    The interconnected nature of renewable energy systems, such as smart grids
    and solar or wind power installations, makes them particularly vulnerable to cyberattacks, with the report suggesting that addressing these
    vulnerabilities should be a priority for the sector.

    In the energy sector, most cybersecurity vulnerabilities are concentrated in three key areas - application security, network security, and DNS health -
    with 92% of companies having their lowest scores in these risk categories.

    US critical infrastructure has already been subject to a number of attacks
    from Russia , China , and Iran , highlighting the need for improved
    resilience against vulnerabilities and better protection for exposed
    endpoints.

    The energy sector's growing dependence on third-party vendors highlights a critical vulnerability its security is only as strong as its weakest link," noted Ryan Sherstobitoff, Senior Vice President of Threat Research and Intelligence at SecurityScorecard.

    "Our research shows that this rising reliance poses significant risks. Its
    time for the industry to take decisive action and strengthen cybersecurity measures before a breach turns into a national emergency."

    ======================================================================
    Link to news story: https://www.techradar.com/pro/The-US-energy-sector-is-being-put-at-risk-by-cri tical-third-party-vulnerabilities

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)