The precise extent of attacks on power plants in Russia is difficult to assess
The precise extent of attacks on power plants in Russia is difficult to assess

Large energy facilities and nuclear power plants may become a main target of cyber-attacks in Russia and Western countries in the coming year, according to a recent report, issued by the experts of Kiberbezopasnost, one of Russia's leading analysts in the field of cyber-security and IT.

According to the report, in recent years the number of cyber-attacks on large-scale energy facilities in Russia and the EU has significantly increased, while, in addition to data leakage and the loss of profits, such attacks may result in the complete suspension of operations of these objects or even man-made disasters.

This has already been confirmed to SC Media UK by representatives of some leading Russian energy producers, as well as foreign companies, operating in the country, among which are Transneft, Gazprom Neft, Rossetti, Gazprom, Enel, Rosatom and some others.

In previous years, the attacks were mostly conducted by hacker groups, affiliated with major competitors in the energy industry, to steal trade secrets and confidential data. In contrast, the aim of the attacks now seems to be causing technogenic disasters and even ecological catastrophes.

In the case of Russia, according to official statistics of the department of the fight with cyber-crimes of the Russian Ministry of Internal Affairs, since the beginning of the current year the number of cyber-attacks on large energy objects and nuclear power facilities in Russia has amounted to about 350, which is by more than 50 percent higher than in 2015.

As Ivan Drevnov, a spokesman of the department told SC, the majority of these attacks were prevented by the companies themselves, while Russian police had conducted several arrests of people that could be related with these attacks.

Drevnov said that the current situation remains complex, as the majority of companies prefer not to disclose the information on cyber-attacks due to reputational and other risks. This complicates the investigation of these crimes by police and other law enforcement agencies.

The situation is aggravated by weak cyber-security of the majority of these enterprises, which is reflected by a high number of weaknesses and vulnerabilities in their computer systems, which is used by hackers.   

According to statistics of the Russian Ministry of Internal Affairs, the number of vulnerabilities in the computer infrastructure of such energy objects may reach 1000 a year, a tally which includes holes in the installed software, errors in the network infrastructure, lack of necessary software updates and weak anti-virus protection.

In addition to corporate networks, the attacks are conducted via personal computers, phones and tablets of employees of these enterprises.