Energy Companies Are Aware of the Threats, but Not Necessarily Prepared for Them

IronClad Encryption Corporation (the "Company" or "IronClad") (OTCQB:IRNC), a next-generation cyber defense company that secures digital assets and communications across a wide range of industries and technologies, released a statement today on Energy Sector Cyberattacks.

The energy industry, and other critical U.S. infrastructure are under attack. Last month, the U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) issued a joint warning that the Russian government is sponsoring attacks on U.S. critical infrastructure including companies in the energy sector. The malicious actors are gaining access into energy sector networks, moving laterally and collecting information pertaining to Industrial Control Systems (ICS).

On April 5, Dark Reading reported that four gas pipeline companies had been breached via their Electronic Data Interchange (EDI) partner: Oneok Inc, Boardwalk Pipeline Partners, Energy Transfer Partners, and Eastern Shore Natural Gas. In the blog, author Jai Vijayan warned,

"The attack — and its impact on the four companies — is sure to prompt a greater review of the security risks posed by third-party support services in the energy sector as elsewhere. Networks belonging to suppliers, partners, and service providers typically have trusted access to enterprise networks but are very often far less protected. Unsurprisingly, attackers have repeatedly targeted these networks to try and gain access to their ultimate targets."

Recent research also reflects this trend. A 2017 SANS Institute report focusing on ICS security specifically, said that 69% of the survey respondents consider ICS system threats "high" or "severe/critical."

"We're behind the scenes with some of American's most successful energy companies. They need help addressing attacks on industrial control systems and programmable logic controllers," said J.D. McGraw, president and CEO of IronClad Encryption. "As part of that effort, we are providing professional services that help ensure more effective monitoring and management of such threats. We're also providing solutions that prevent hackers from seizing control of assets."

Energy company hacks are a danger to those organizations and the public at large. Businesses can be disrupted, which can cause serious financial and reputational damage. Dangers to the public include environmental hazards such as toxic leaks or meltdowns that can cause serious health conditions or even death. All of that can lead to regulatory fines and lawsuits, although the larger threat is the widespread disruption of businesses, governments, and day-to-day life."

When hackers are able to slip past firewalls and evade intrusion detection systems, they are free to roam networks. Rather than attacking industrial control systems directly, they often target corporate or third-party networks that are connected to the industrial control systems.

"While energy companies are aware of the threats, they do not necessarily know how to manage them," said J.D. McGraw. "Business leaders, especially, tend to be over-confident in their company's ability to handle such threats, a perspective that can differ significantly from those who are charged with preventing and mitigating the effects of such attacks."

Threats to the energy sector are a clear and present danger to the U.S. national economy and its citizens. Cyberterrorism and cyberattacks are becoming more persistent, so the strategies and tactics used to combat them must evolve as the nature of the threats themselves evolve.

About IronClad Encryption Corporation:

Visit IronClad Encryption at www.IronCladencryption.com

FORWARD-LOOKING STATEMENTS:

View source version on businesswire.com: https://www.businesswire.com/news/home/20180410005626/en/