The threat of ransomware attacks on the public utility sector is steadily increasing. Historically, these attacks have targeted credit cards and social security numbers sent over email. Lately, attackers are getting more innovative and are stealing from more sources as technology continues to advance.
For years the security community has viewed internal resources as presenting the greatest cyber risk to an entity. In 2021, shortly on the heels of the much-publicized SolarWinds breach, as well as many other supply chain/third party cyber breaches, it can be argued that supply chain/third parties now represent a greater cyber risk than insiders. This poses an extremely difficult problem to address given the number of third parties providing technology services to critical infrastructure entities and the nature of the services provided by the third parties. AESI-US, Inc., a Hometown Connections cybersecurity partner, provides context and a 5-step process to address these risks.
To provide customers with several payment options, the Utilities Department of the Village of Jackson Center in Ohio accepts bank account direct and credit card payments. To ensure the security of customer information and thwart cyber intrusions overall, Jackson Center took advantage of cybersecurity services offered by its electric service wholesale supplier, American Municipal Power, Inc. (AMP). With the help of an assessment conducted by AMP personnel, Jackson Center has developed a culture of cyber vigilance and addresses vulnerabilities through an effective step-by-step process that is manageable for a small staff.
Due to recent news coverage of a major cyber penetration of U.S. government agencies and corporations across the globe, cybersecurity is front and center for city governments and their municipal utility departments. Before reaching out to consultants prepared to help evaluate cyber vulnerabilities and design a protection program, each community-owned utility should gather a baseline of information about their cybersecurity status. This outline will help the utility and potential consultants focus more quickly on the issues to be addressed.
You don’t need to be an expert in IT or have a huge consulting budget to champion your utility’s cybersecurity program. First and foremost, you must recognize that every city employee, utility employee, and governing official plays a key role in maintaining a cyber defense that protects business operations.
To meet public power’s need for cybersecurity solutions that are comprehensive and cost effective, Hometown Connections, Inc. has launched a Cybersecurity Management Program for public power electric, gas, water, and wastewater utilities and other city departments. Hometown Connections is helping community-owned organizations across the United States evaluate their cybersecurity requirements, develop plans for cyber risk management, and deploy effective cybersecurity defenses that include ongoing monitoring, training, remediation, and maintenance services.
Understand the cyber threat landscape, learn how to estimate the true financial costs of a cyber crime, and get tips on building your budget and risk management strategies. Register for this two-part webinar series to be held in June 2020 by the American Public Power Association Academy. Speakers include representatives from AESI-US, Inc. and Marsh Wortham Power Gen Insurance, marketing partners of Hometown Connections Inc.
Cyber criminals are trying to leverage the COVID-19 emergency by sending out “phishing” attacks that lure internet users to click on malicious links or files. Through emails with phony pledges for health information, hackers are gaining access to sensitive data. AESI-US, Inc. is deploying remote cybersecurity services to help community-owned utilities protect against these dangerous COVID-19 phishing attacks.
Expanding the scope of services offered to public power systems, AESI-US, Inc. is helping municipal utilities maximize the return on their operations technology (OT) investments and optimize operations. AESI’s technical knowledge and real-world utility expertise in IT/OT engineering provides vital support to utility personnel.
Reports of high profile cyber attacks on banks, insurance companies, large retailers, the military, and more are all over the media. In response, these institutions have dedicated great resources to harden their cyber defenses. While still targets, these major institutions are increasingly difficult to penetrate. So where are hackers turning their sights?