The US energy grid is a popular target for cybercriminals, most of them likely state-sponsored hackers, with 79 reported hacking incidents investigated by the Department of Homeland Security's Computer Emergency Readiness Team. Although it's a drop from the 145 investigated incidents from 2013, there is a significant issue of US critical infrastructure being targeted by skilled cybercriminals.
There have been at least 50 customized pieces of malware designed to target energy companies, and their security efforts haven't been able to hold up. The Russian BlackEnergy malware was found on software assigned to control US electrical turbines - and while there were no attempts to disrupt the machinery - is a clear indicator that cybersecurity efforts need to be boosted immediately.
"Our grid is definitely vulnerable," said David Kennedy, TrustedSec CEO. "The energy industry is pretty far behind most other industries when it comes to security best practices and maintaining systems."