Background

The impacts of cyber-attacks have been devastating to the global economy in recent years. According to a recent study by Huang, Siegel, and Madnick (2019), cyber-attacks cost the global economy $53 billion annually. The study also points out that cyber-attacks are more pronounced in heavily regulated industries like financial services, energy, and healthcare. Among the cybersecurity attacks the world has witnessed in recent years, malware is the most pronounced, encompassing various attacks such as spyware and viruses. Notably, malware exploits vulnerabilities to breach a network by installing malicious software within that system. When malware and associated malicious files penetrate a computer network, malicious actors can disrupt the system or render it completely inoperable, obtain confidential data, or even deny users access to critical network components. As Huang, Siegel, and Madnick (2019) further posit, the past couple of years have seen hundreds of new malware families released into the global cybersecurity spectrum, tripling the volume recorded in previous decades. At the same time, Huang, Siegel, and Madnick (2019) state that the last five years have been characterized by a 36% increase in malware attacks globally, with others believing that these figures could even be higher. An example of a recent malware incident of global proportions was the 2017 WannaCry attack, which saw the computer networks of organizations such as the United Kingdom's National Health Service (NHS) and the international shipping firm FedEx breached. Although the attack caused global panic, the financial damage was relatively low, with experts estimating that the hackers only stole $50,000 worth of Bitcoin. From the preceding, it is clear that cybersecurity has undeniable global ramifications, making each organization a potential target. Various studies have recently identified approaches that the energy sector can adopt to reduce its vulnerability to malware attacks.
Malware Threats to the Energy Sector

According to Huang, Siegel, and Madnick (2019), one of the first crucial steps organizations operating in this landscape should take is adopting industry-wide collaboration to address the constantly expanding convergence between physical and virtual threats. In other words, there should be robust relationships between key stakeholders in the energy sector to, among other things, engage in regular dialogue that is useful in securing the delicate interconnectivity between physical and virtual infrastructure. Kumar, Prasad, and Samikannu (2018) propose a different approach to reducing the sector's vulnerability to malware attacks and other cybersecurity threats. In their view, it is vital for organizations operating in this sector to develop programs to reduce existing operational gaps and enhance an overall culture of security. In other words, the authors argue that a properly functioning entity in the energy sector should be organized in such a way that personnel, from management to subordinate teams, are aware of the threats malware attacks pose to their operations and have robust processes that can facilitate the effective reporting of potential vulnerabilities and emerging incidents. By and large, literature in this area recommends a top-bottom organizational approach towards cyber risk management.

As stated earlier, the malware landscape has evolved rapidly over the last five years. According to Wadkar, Di Troia, and Stamp (2020), techniques that are becoming increasingly popular in today's malware attacks include operators exfiltrating user data and utilizing the said data for further monetization purposes. In other cases, Wadkar, Di Troia, and Stamp (2020) have observed unique malware variants capable of targeting industrial control systems and running and manipulating OT system data. At the height of the COVID-19 pandemic, a new trend emerged, where hackers used the threat of leaking the data they obtained as leverage to manipulate victims into paying a specific ransom figure.
Wadkar, Di Troia, and Stamp (2020) opine that, given the critical importance of the energy sector to the infrastructure of any country, the world will continue seeing malware evolutions as operators leverage attacks to further aid their extortion and monetization schemes. Against this backdrop, the sector needs to eliminate the obvious vulnerabilities hackers can exploit to access its networks.