Cyber Threat Landscape in Energy Sector

Energy, in its many forms, is vital for modern society. It is not just the electricity we get from the plug but it contains the varied production methods and the means to bring it to the end-users whether they are industries, traffic or homes. If this chain is broken and energy cannot be distributed, the results are complicated. Especially, the lack of electricity tests the reserve power production capabilities in hospitals and in other critical infrastructures. Readiness plans have to be kept up to date and rehearsed regularly in order to keep them effective. This requires information of the changes in security scenarios based on new emerged threats. Energy sector is facing new opportunities as smart grid solutions provide possibilities for more efficient energy production, transmission and distribution. However, new risks arise from connectivity and automation. Bringing remote access to systems that are not designed for it security-wise, aids adversaries to reach their goals undetected. We have seen cyber risks actualizing and having an effect on our physical world. In addition to causing inconvenience in society's basic functionalities, intentional power outages also shatter the sense of security. This is why national and international research projects are formed around this topic. From Finland's perspective, interest in smart and flexible energy systems is very high. In addition, our energy production is quite distributed, and there are numerous operators on the market. Because of that, we need to consider the cyber threats in national level. There are studies and models on how to prepare for these events or even better how to prevent them. We wish to see how realistic these models are against real-world scenarios. We survey and analyze current publicly known cyber-attacks against actors in energy sector and compare the kill chain, adversaries and impacts. We also explore mitigation strategies for future scenarios based on the findings of our analysis. The result describes current energy sector cyber threat landscape. It provides information to security solution developers in business but also in national level. Results can be seen as a baseline for future trend comparisons.