Bitcoin, the Internet's premier cryptocurrency, has fallen a lot lately.
The cyber currency traded at a range between $900 to $1,000 for weeks. It now trades around $600. and is trading even lower at MtGox, the beleaguered Japanese bitcoin exchange.
Many believe the enormous decline in bitcoin's price is due to cyber-attacks. Hackers can potentially exploit a flaw in bitcoin's original programming that allows them to fake transactions. While that flaw has since been fixed at many bitcoin exchanges, MtGox was slow in patching up its systems and subsequently exposed its customers.
What does this have to do with energy companies? Well, like the bitcoin exchanges, many U.S. energy companies face cyber-attacks every day.
Cyber-attacks on energy infrastructure
In its annual report, oil service company Halliburton (NYSE:HAL) stated that one risk it faces is cyber-attacks on its digital infrastructure. Oil super-major BP (NYSE:BP) has also stated it considers cyber-attacks a threat. BP CEO Bob Dudley has said the company wards off up to 50,000 cyber-attack a day.
U.S. energy companies are not alone in facing cyber-attacks. The largest oil company in the world, Saudi Aramco, was a victim of a successful cyber-attack in 2012. The successful cyber-attack disabled around 30,000 computers, leading to millions of dollars in damage.
Traditionally, cyber-attacks aim to take negotiation tactics, intellectual property, and customer data. They are typically done by non-state actors with a profit motive.
Because energy is the lifeblood of modern society, however, energy infrastructure attackers are increasingly state actors as well. Many believe the attack on Saudi Aramco was caused by Iran.
The bottom line
As the bitcoin experience shows, cyber-attacks can have devastating effects. In the software industry, there is a saying, "anything that can go wrong will go wrong." For bitcoin, a small vulnerability in the code base led to a precipitous fall in price.
For the energy industry, the same principle applies. If hackers successfully exploit a digital vulnerability, the costs can be enormous. Refineries or pipelines could be shut down. Because everyone is interconnected, companies are only as strong as their weakest link. Even though the companies themselves are secure, any bottleneck in the chain from oil suppliers to pipelines to refiners could lead to problems.
Many believe that the only solution to the problem is for the U.S. government, along with major energy infrastructure stakeholders, to create a coordinated and comprehensive digital security program.
To their credit, the U.S. government and energy companies have been on the ball.
In 2013, the U.S. Energy department awarded $30 million to 11 security vendors to develop technology that can better protect the U.S.'s electric grid and oil and gas infrastructure from cyber-attacks.
Recently, the United States Department of Homeland Security, along with 210 utility companies such as American Electric Power (NYSE:AEP), also conducted a cyber-attack drill to test electric grid readiness and response systems.
Because of the proactive measures taken, there have been no major domestic incidences that the news media is aware of. Whether a future cyber-attack will shut down a refinery or a pipeline is uncertain, but it is certain that it is a whole new world in terms of information technology risk.