A RECENT Senate hearing showed the clear ignorance of the country’s power grid operator on the absolute importance of cybersecurity in our public utilities.
The government must ensure that the national power grid and other public utilities should engage dedicated cybersecurity divisions to repel against attacks on their infrastructure. It should be pointed out that cyberattacks are not limited merely on the power grid, as in the case of Ukraine. In 2012 and 2017, Saudi Aramco was attacked, destroying 30,000 computers and paralyzing operations. As such, the government should ensure that vulnerable public utilities such as telecoms and ports should be tasked to maintain cybersecurity teams and ensure information-sharing and reporting with government.
Cyberattacks can disrupt industries and populations. The 2015 Ukraine power grid attack switched off 30 substations, and left two hundred thousand people without electricity for a period of one to six hours. Its service hotline was also shut down. In the context of the Philippines, this includes the entire chain of electricity: from generation, transmission to distribution.
Cyberattacks also targeted the maritime industry, including International shipping company Maersk. In 2017, a malware named NotPetya, locked access to systems that Maersk used to operate shipping terminals around the world. This attack took two weeks to fix and resulted in a total loss of global operations. It also resulted in the loss of revenue amounting to $300 million.
Wth the country moving towards more advanced infrastructure and transport systems, cybersecurity should not be ignored. Because the transmission business is a public utility, the public certainly deserves more than its executives’ passing understanding of these threats.
