Green is the New Black: Cybercrime Hacks Our Green Credentials

Green is the New Black: Cybercrime Hacks Our Green Credentials

Kobi Freedman Enterprise

Green technology is growing. A report published in late 2014 by World Bank Group entitled “Building Competitive Green Industries” looked at the technology opportunities of building and using green technology. The report highlights that investment across 15 clean technology sectors will be more than $6.4 trillion over the coming decade; of that, small to medium sized enterprises in developing countries, will have a potential market of $1.6 trillion to exploit.  And China is the biggest investor in green technology spending over $90 billion US on renewable energies in 2014 and expecting to spend over $2.5 trillion in the next 15 years.

And going green is a great business strategy. Consumers are increasingly interested in companies who have green credentials. Research carried out by consumer market analysts Nielsen into corporate social responsibility, found that globally, 55% of consumers were willing to pay extra for products and services that had a green policy.  Using green technology makes sense too, not just for environmental reasons, but for general business and financial reasons. An example being green network switches which use less energy and switch off when not used so lower your overall costs.

But green is also the new black, with new technology sprouts the shoots of new cyber threats. According to a Bloomberg report on Global Trends in Renewable Energy Investment 2015, the energy sector is one of the growth areas for green technology with 9.1 % of world energy generation coming from renewable energy sources. Green energy requires new processes and procedures which require new underlying software and systems.  One of the recognised challenges of the movement towards a more green energy sector is the structural challenges that come with replacing older grid technologies. The trouble is the energy sector is a prime target for cyber criminals. The U.S. Department for Homeland Security reported that in 2014 the energy sector was the most targeted of all industries in the USA with the Industrial Control Systems Cyber Emergency Response Team ( ICS-CERT) responding to 79 security incidents (32% of incidents across all industry sectors). Many of the incidents involved exploitation of internet facing Supervisory Control and Acquisition (SCADA) devices. Hewlett Packard (HP) concur with these findings in their report 2014 Global Report on the Cost of Cybercrime, which puts energy companies at the top of the financial loses list with an average of $13.2 million annual loss due to cybercrime.

With the buoyant investment scene around green technology and in particular renewable energy, companies taking on the green mantra are becoming an interesting proposition for cyberespionage attackers. It is reported by FireEye that Advanced Persistent Threats (APT’s) are being increasingly used by Southeast Asian groups against U.S. and multi-national corporations who utilize green technology and clean energy; the reasons behind these attacks being intellectual property theft and general cyberespionage.

Green technology is emerging alongside the Internet of Things (IoT) and changing the landscape of technology. Green technology is taking advantage of the connected world by using the IoT to improve its capacity.  An example of this was from Microsoft who blogged about how the collection and smart analysis of data can improve and optimize energy use by consumers and businesses alike.  But expanded connectivity can create new security threats. The CISO of the FBI, Arlette Hart gave a speech at the IoT Security conference in Boston this month, where she stated that the development of the IoT was outpacing the efforts to secure it.

Collaborative Security: How to Make the Grass Grow Greener

One of the recommendations that ICS-CERT have made regarding the major risks to energy utilities by cybercrime is to mitigate the threats by sharing security intelligence. Similarly HP and the Infosec Institute have also proposed an industry wide ethos of proactive collaboration around, not just security intelligence sharing, but also cooperation with policy makers and regulators, something that a new green future should be able to embrace more easily than more outmoded technologies by utilising the more modern approaches of the connected technology it uses.

What is clear is that current modes of cyber risk management are not able to keep pace with this changing technology landscape. As cybercriminals find new and more sophisticated ways of attacking our infrastructures, we need to find similar sophisticated methods of preventing them. The evolutionary arms race we have found ourselves waging can only be won by being one step ahead of the perpetrators of cybercrime. Collaboration within and across industries is a way to build a show of strength and to crystallize our efforts against cyber threats.

Collaborative security is an evolutionary step forward in this ‘War of Attrition’ that we currently find ourselves in. It is a method of utilising collective intelligence and data to have greater visibility of attack vectors and their outcome. This type of collaborative behaviour is the only way to prevent the type of major cyber-attack that will be perpetrated against our new found green technologies.

The following two tabs change content below.
Kobi Freedman

Kobi Freedman

Founder & CEO at Comilion
Kobi Freedman is the Co-Founder and CEO of Comilion, pioneering the collaborative security segment by developing an infrastructure for exclusive sharing networks in regulated and highly sensitive environments. Kobi has been immersed in the cyber security arena for over 15 years. Starting out in the IDF and following on with private sector, he participates in numerous Israeli and global policy workgroups that set the standards for cyber defense.