The wind turbine manufacturer Vestas has been hit by a cyber attack that impacted its internal IT systems and compromised data.
Dominic Trott, UK Product Manager, at Orange Cyberdefense focuses on this incident and comments on how businesses within the CNI industry can protect themselves from cyber-attacks.
“The news that Vestas, a Danish wind turbine manufacturer, has been hit by a cyber-attack that forced some of its IT systems offline and compromised data is a stark reminder of the need to protect critical national infrastructure (CNI). As we move away from fossil fuels and increase our reliance on renewable energy, the sector will become much more of a target for cybercriminals looking to cause disruption or achieve financial gains. Therefore, the industry needs to become more robust, not just in order to sustain increased demand and meet renewable targets, but to ensure its vital operations are never taken offline.
“To achieve this, while plenty of sophisticated solutions are available, organisations are advised to begin with the security fundamentals. First of all, it is crucial that employees are aware of the threat that they face and the importance of adopting good security hygiene behaviour. Simple measures, such as avoiding opening attachments or clicking on links unless they are from a legitimate source, can go a long way to reducing the risk of potential breaches.
“Secondly, organisations must be sure to prioritise patch management amongst their systems, updating and ridding key systems of any potentially catastrophic vulnerabilities can prevent many breaches before they can even occur.
“Finally, it is critical to adopt a ‘defence in depth’ strategy that ensures a consistent approach to security across all control points. For example, the ability to combine endpoint protection – where modern detection-centric techniques can identify unusual and unwanted behaviour and quarantine the associated assets – with network security – that prevents malicious traffic from proliferating ‘east/west’ across the organisation – can help to contain a security breach.
“It is still unclear how Vestas’ systems were compromised, but when tried and trusted security best practices are supplemented with investment into the most up-to-date security tools and processes, organisations responsible for CNI can reduce the risk of a damaging breach that could have national consequences.”
To stay up to date on the latest, trends, innovations, people news and company updates within the global security market please register to receive our newsletter here.
Media contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: editor@securitybuyer.com