Duke CEO Says Utilities Know ‘We Are a Target’ for Hackers
(Bloomberg) -- The cyberattack on the biggest fuel pipeline system in the U.S. is a stark reminder that America’s energy infrastructure is a tempting, and vulnerable, target for hackers.
“The industry understands that we are a target,” said Lynn Good, chief executive officer of Duke Energy Corp., in a Bloomberg Television interview on Monday. “A level of vigilance is required.”
While Duke, one of the biggest U.S. electric utilities, is not directly impacted from the Colonial Pipeline shutdown, the latest attack adds to the growing list of similar occurrences involving global energy assets. Over the last two years, a ransomware attack brought down a U.S. natural gas compressor facility, a massive SolarWinds breach targeted companies in multiple industries, including utilities, and Mexico’s oil giant Petroleos Mexicanos reported a cyberattack that crippled its computer systems.
This most recent hit by hackers underscores how the utility industry needs to recognize that there is a link between their information technology systems and their operational technology that is directly connected to the grid, said Tobias Whitney, vice president of energy security solutions for Fortress Information Security, which works with large U.S. utilities.
“This is an example that I think the industry needs to recognize how ransomware can be used,” Whitney said in a telephone interview on Monday. Everyone involved with critical infrastructure will want to understand how this happened and learn how to prevent it from occurring on their systems in the future, he said.
U.S. grid operator ISO New England Inc. said in a statement on Monday that “the threat these types of attacks pose has long been a critical focus,” and it continues “to work with state and federal authorities and the industry on identifying threats.”
Meanwhile, Duke has a policy against discussing whether it has been targeted by cyberattacks, according to Chief Financial Officer Steve Young. However, it’s clearly a growing threat and the company is working to step up its defenses.
“Obviously, this is an area of concern,” Young said in an interview. “There are a great number of bad actors out there.”
©2021 Bloomberg L.P.