Yikes: a computer worm that targets the energy industry

7548102540_8e8788b3cf_z

As the power grid and energy companies embrace digital technology, wireless networks and big data, they’re being exposed to the same security risks that the Internet has become accustomed to. Last week security group Kaspersky Lab wrote (via Ars Technica) that they’d discovered malware targeting a company in the energy industry that could destroy data in a computer’s hard drive and make the computer unusable.

The computer worm, called Shamoon or Disttrack by different security firms, is being compared to a series of malware that targeted Iran’s nuclear program (and reportedly could have been created by a U.S.-Israeli team). But the new malware also stands out because it attempts to make the wiped data entirely uncoverable by overwriting disks with bits of data taken from the web, and also alerts the attacker to how many files were destroyed.

The energy industry and the power grid are particularly susceptible to this kind of attack. Utilities are slow moving entities and are only just starting to add in wireless networks, software and big data storage systems. Some, like former CIA director, James Woolsey, think the smart grid needs to wake up to these security concerns. Security execs have also shown how easy it is to hack a smart meter.

Networks that control things like oil systems, nuclear plants, or water facilities could also do a decent amount of damage if they are successfully attacked and controlled. Electrical fires and shutting off power and water access could be real concerns.

Some big data focused companies are starting to create tools for the energy industry. For example, a startup called Splunk has a tool for oil and natural gas pipeline networks that lets the pipeline owner detect changes in sensor data in real time, enabling the owner to detect if areas have stopped reporting or have under gone changes in pressure. A big data startup called Sqrrl just raised $2 million to build out technology to make big data applications more secure.

I think one of the issues is that all of that innovation and money being invested into “big data” these days needs to trickle down to applications and tools for the energy sector. If utilities and power companies are going to ultimately be IT firms, they should start benefiting from that ecosystem and innovation.

Image courtesy of Greyweed.

loading

Comments have been disabled for this post