Expand / Collapse search
Watch TV

Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital SolutionsLegal Statement.

This material may not be published, broadcast, rewritten, or redistributed. ©2024 FOX News Network, LLC. All rights reserved. FAQ - New Privacy Policy

Utilities
Published

Despite Colonial Pipeline attack, likelihood of utilities sector hack has increased

WhiteHat Security finds increase in utility software with at least 1 vulnerability

close
IHS Markit vice chairman Daniel Yergin weighs in on the impact of the colonial pipeline shutdown and his outlook for renewable energy. video

Colonial pipeline hack shows how dependent US is on energy infrastructure: Energy expert

IHS Markit vice chairman Daniel Yergin weighs in on the impact of the colonial pipeline shutdown and his outlook for renewable energy.

A key metric that indicates vulnerability to cyberattacks has increased since the start of the year, a cybersecurity firm says.

The "Window of Exposure," a key metric that indicates the exposure to cyber breaches for software applications in the utilities sector, increased since the start of the year, WhiteHat Security said in a report.

The report said that the Colonial Pipeline ransomware attack also exposed the risks for vulnerable software applications in the utilities sector.

"Application specific attacks are equally if not more likely than ransomware [with] Colonial Pipeline...fresh in our minds," the report said. "Application weakness [is] an easy backdoor for the installation of ransomware, especially given the high-impact nature of the ransomware in utilities," according to WhiteHat.

Customers wait in line to purchase fuel at the Duck-Thru in Scotland Neck, N.C., on Tuesday, May 11, 2021. The station was doing a brisk business on Tuesday as news of the cyberattack on the Colonial Pipeline spread fear of a gas shortage in rural No

SOLARWINDS HACKERS' LATEST ATTACK ON US AGENCIES: NEW DETAILS EMERGE

At least 67% of utility sector software has at least one serious exploitable vulnerability, up from 55% at the beginning of the year, WhiteHat said.

"The effort and skill required to discover and exploit these vulnerabilities is fairly low, thus making it easier for the adversary," according to WhiteHat.

The top categories for vulnerability include information leakage, transport layer protection – which handles communication over a network – and content spoofing, where fake websites are set up by hackers.

"An example of this might be a document-sharing application or a cloud server with the barest of controls in place," said Sean Nikkel, senior cyber threat intel analyst at Digital Shadows, a San Francisco-based provider of digital risk protection solutions, in a statement provided to FOX Business. 

While Window of Exposure (WoE) – a benchmark for organizations against their industry peers – for manufacturing has decreased over the past 12 months and the WoE for healthcare has been improving, the WoE for utilities has spiked.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

The only sector more vulnerable than utilities is public administration, WhiteHat said.

The uptick in WOE is likely attributable to increased focus on security at utilities, which has resulted in more applications being tested, WhiteHat said.