Skip navigation

0Meta Navigation

× Close search

Navigation

Home Stories Threats to energy infrastructure
Stories

Threats to energy infrastructure

12 July 2013
The OSCE is working to protect societies that are increasingly reliant on energy produced by, and distributed through, critical energy infrastructure.
(iStockphoto)

In 2003, a major power outage hit New York, eventually affecting 55 million people in the eastern United States and Canada.  By wreaking havoc on the transportation system and hospitals, among other infrastructure, the outage contributed to a number of deaths.

Although the events that triggered the outage were not due to a cyber-related terrorist attack, the outage’s widespread impact on a number of different sectors shows that it is vital that we protect critical energy infrastructure from the potentially devastating consequences of a targeted cyber-attack.

Society is increasingly reliant on energy produced by, and distributed through, critical energy infrastructure, which is often linked to the Internet.  At the same time, attempted intrusions into the industrial control systems or Supervisory Control and Data Acquisition (SCADA) systems of private companies’ and governments’ critical energy infrastructure are on the rise, while companies and governments are faced with the challenges and costs associated with defending themselves.

The OSCE, in response to these pressing issues and to recommendations from the Public-Private Expert Workshop on Protecting Non-Nuclear Critical Energy Infrastructure from Terrorist Attacks, held in Vienna in February 2010, set out to explore these issues. The Organization called on experts from the public and private sectors, including from NATO and the EU, to develop a new Good Practices Guide on Non-Nuclear Critical Energy Infrastructure Protection (NNCEIP) from Terrorist Attacks Focusing on Threats Emanating from Cyberspace.

The Guide focuses on raising awareness of the significance of non-nuclear critical energy infrastructure and the extent to which it is threatened by cyber-related terrorist attacks, with some discussion of other types of threats. It explores key policy issues and challenges and presents good practices for government policy-makers, as well as private-sector owners and operators. The Guide catalogs policies, practices, and institutional arrangements to improve the cybersecurity of energy infrastructure and promotes a cooperative, integrated, and risk-based approach. It also shows that there is growing interest in greater national and international co-operation and information exchange between public agencies and private owners and operators of this essential infrastructure to help address the threat of cyber-related attacks.