Energy One cyberattack could be ‘crippling’ to UK critical national infrastructure, says expert

The ripple effects of the unfolding cyberattack on Australian energy sector software provider Energy One could be ‘crippling’ for UK critical national infrastructure operators, an expert from cybersecurity and data protection consultancy CSS Assure has warned.

Nick Pomponio, Director of Operations at CSS Assure, said the potential impact on the UK’s critical utility infrastructure highlights the escalating threats faced by essential services.

He said: “The ripple effects of cyberattacks on critical infrastructure can be crippling, impacting not just services, but also public safety and the economy.”

What must be done to safeguard critical national infrastructure?

“The Colonial Pipeline ransomware attack in 2021 and Russia’s cyber actions against Ukraine following its invasion underscore the dire consequences of such incidents on energy security. Collaborative efforts between governments, commercial entities, and security experts are imperative to safeguarding these essential services.”

How can operational technology environments be protected?

“The complexity of protecting operational technology (OT) environments cannot be underestimated. Monitoring all possible access points, maintaining an up-to-date baseline of normal activity, and employing advanced analytics for anomaly detection are crucial strategies in mitigating risks to critical infrastructure.

“In our view, incorporating automation technologies for real-time data analysis, coupled with educating users about cybersecurity best practices, is an important proactive approach. In our experience, the protection of critical infrastructure necessitates a holistic strategy that combines technology, human expertise, and international collaboration.

“More broadly, in a digital age where threats transcend borders, organisations must adopt a mindset of continuous improvement and preparedness. Strengthening cybersecurity measures and fostering a culture of diligence will be pivotal in mitigating the potential impact of future attacks on critical utility infrastructure.”

What does the Energy One cyberattack mean for international collaboration on cybersecurity?

“This incident demonstrates that collaboration between nations to address the aftermath of cyberattacks is critical, especially when they target vital sectors such as energy. In relation to the unfolding attack on Energy One, the involvement of security specialists and authorities, both in Australia and the UK, demonstrates the international nature of modern cyber threats and the need for a united front in response.”

What can we learn from the immediate response by Energy One to the cyberattack?

“The immediate steps taken by Energy One to isolate affected systems and analyse the incident’s impact are commendable. Disabling certain links between corporate and customer-facing systems is a prudent move to contain the threat and prevent further unauthorised access.

“Additionally, identifying the attacker’s point of entry is essential not only for addressing the current breach but also for shoring up defenses against future threats. This underscores the importance of robust security audits, as well as continuous monitoring, detection and mitigation solutions.

“Given the sensitivity of the industries served by Energy One, including energy retailers and generators, the company’s ongoing assessment of potential exposure of personal information is of paramount importance. Transparency and open communication will be key in comforting customers and stakeholders about the steps being taken to safeguard their data.”

Hungry for more tech news?

Sign up for your weekly tech briefings!