Energy Companies Are Aware of the Threats, but Not Necessarily Prepared for Them
ronClad Encryption Corporation (the "Company" or "IronClad") (otcqb:IRNC), a next-generation cyber defense company that secures digital assets and communications across a wide range of industries and technologies, released a statement today on Energy Sector Cyberattacks.
The energy industry, and other critical U.S. infrastructure are under attack. Last month, the U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) issued a joint warning that the Russian government is sponsoring attacks on U.S. critical infrastructure including companies in the energy sector. The malicious actors are gaining access into energy sector networks, moving laterally and collecting information pertaining to Industrial Control Systems (ICS).
On April 5, Dark Reading reported that four gas pipeline companies had been breached via their Electronic Data Interchange (EDI) partner: Oneok Inc, Boardwalk Pipeline Partners, Energy Transfer Partners, and Eastern Shore Natural Gas. In the blog, author Jai Vijayan warned,
"The attack — and its impact on the four companies — is sure to prompt a greater review of the security risks posed by third-party support services in the energy sector as elsewhere. Networks belonging to suppliers, partners, and service providers typically have trusted access to enterprise networks but are very often far less protected. Unsurprisingly, attackers have repeatedly targeted these networks to try and gain access to their ultimate targets."
Recent research also reflects this trend. A 2017 SANS Institute report focusing on ICS security specifically, said that 69% of the survey respondents consider ICS system threats "high" or "severe/critical."
"We're behind the scenes with some of American's most successful energy companies. They need help addressing attacks on industrial control systems and programmable logic controllers," said J.D. McGraw, president and CEO of IronClad Encryption. "As part of that effort, we are providing professional services that help ensure more effective monitoring and management of such threats. We're also providing solutions that prevent hackers from seizing control of assets."
Energy company hacks are a danger to those organizations and the public at large. Businesses can be disrupted, which can cause serious financial and reputational damage. Dangers to the public include environmental hazards such as toxic leaks or meltdowns that can cause serious health conditions or even death. All of that can lead to regulatory fines and lawsuits, although the larger threat is the widespread disruption of businesses, governments, and day-to-day life.”
When hackers are able to slip past firewalls and evade intrusion detection systems, they are free to roam networks. Rather than attacking industrial control systems directly, they often target corporate or third-party networks that are connected to the industrial control systems.
“While energy companies are aware of the threats, they do not necessarily know how to manage them,” said J.D. McGraw. “Business leaders, especially, tend to be over-confident in their company's ability to handle such threats, a perspective that can differ significantly from those who are charged with preventing and mitigating the effects of such attacks.”
Threats to the energy sector are a clear and present danger to the U.S. national economy and its citizens. Cyberterrorism and cyberattacks are becoming more persistent, so the strategies and tactics used to combat them must evolve as the nature of the threats themselves evolve.
About IronClad Encryption Corporation:
Ironclad Encryption Corporation (otcqb:IRNC) is an X-Generation cyber defense company that secures digital assets and communications across a wide range of industries and technologies. IronClad Encryption-powered solutions utilize our patented Dynamic Encryption and Perpetual Authentication technologies to make all known key-based encryption technologies virtually impossible to compromise. Dynamic Encryption Technology eliminates vulnerabilities caused by exposure of any single encryption key by continuously changing encryption keys and keeping the keys synchronized in a fault-tolerant manner. Perpetual Authentication Technology uses multiple virtual channels for encryption so that in the event one channel is compromised, the other channels maintain encryption integrity. Together, these technologies not only eliminate the single point of failure problem created by having keys exposed through brute force, side channel, or other types of attack, but do so with very low latency and system performance overhead. Developers, MSPs, MSSPs and IT organizations can now easily and effectively integrate ultra-secure authentication and encryption measures across essentially all mediums. This includes the latest processors and operating systems, legacy hardware and software, within or between networks and on compartmentalized data or entire databases. At rest or in-motion, IronClad Encryption ensures data remains safe, secure and uncompromised.
Visit IronClad Encryption at www.IronCladencryption.com
This press release may contain forward-looking statements that involve substantial risks and uncertainties. The information included in this release should not be used for investment purposes because statements of intent or projections of financial performance are based on assumptions that can change. In addition, events or circumstances may arise that we can neither anticipate or control. Therefore, any statements of intent or predictions of financial performance are valid only on the date of this press release. We undertake no obligation to update or revise publicly any forward-looking statements, except as required by law.
View source version on businesswire.com: https://www.businesswire.com/news/home/20180410005626/en/
SOURCE: IronClad Encryption Corporation
IronClad Encryption Corporation
Lisa Morgan, 928-284-6849
Porter, LeVay & Rose, Inc.
Matthew Abenante, 212-546-4700