Security Solutions
Essential Reading
OT/IT Network Segmentation and Zero Trust for Energy Control Networks
Colonial Pipeline shut down 5,500 miles of pipeline after a single compromised VPN password, because it could not verify that ransomware had not crossed from IT into OT.
SCADA Security for Energy
The 2015 Ukraine attack cut power to around 230,000 people by logging into legitimate SCADA HMIs with stolen credentials, not by exploiting a software flaw.
Securing Substations, IEC 61850 Environments and Grid Control Systems
Industroyer, the 2016 malware that blacked out part of Kyiv, included a dedicated module for the IEC 61850 substation protocol, the first malware built to speak grid control protocols directly.
Further Reading
External Attack Surface Management for Distributed Energy Estates
Shodan continuously indexes tens of thousands of internet-facing industrial HMIs and SCADA interfaces, many belonging to operators unaware their systems are publicly reachable.
Managed Detection and Response and Continuous Monitoring for OT/ICS
The 2017 Triton attack on a petrochemical safety system was discovered only because it accidentally tripped the plant, not because anyone was monitoring the OT network.
Anti-Data Exfiltration for Utilities
The DarkSide group exfiltrated nearly 100GB of Colonial Pipeline data before encryption in a double-extortion scheme: the data theft was complete before the ransomware locked a single file.
Third-Party and Vendor Risk Management Across the Energy Supply Chain
The 2020 SolarWinds compromise reached around 18,000 organisations through a single trusted software update, demonstrating how one vendor can become a backdoor into critical infrastructure.