Cybersecurity Threats in the Sectors of Oil, Natural Gas and Electric Power in the Context of Technological Evolution

Wojciech Konaszczuk

Abstract


The announcement of the state of global COVID-19 pandemic, in addition to the negative health, economic and social phenomena, has triggered a massive phenomenon of transferring most aspects of human life to cyberspace. The last decade has shown a geometric progression of the growth of cybersecurity incidents worldwide, including the energy sector. This paper is a conceptual work, while the basic research problem refers to the determination of the level and area of cybersecurity regulation of the energy sector in the supranational, EU and national systems. The fundamental thesis is to confirm the initial assumption of insufficient degree of legal protection of the network, both in the systems of international and internal law. The main purpose is to demonstrate critical legal solutions that will result in the future in critical and serious incidents in the energy supply chain, as well as energy logistics. The originality of the study is associated with the attempt to compile separate legal systems, the subject of regulation of which is cybersecurity of the energy sector. The cognitive value for practice is associated with the indication of a unified conceptual grid and the indication of the main regulations of the issue.


Keywords


cyberspace; cybersecurity of the energy sector; legal systems; technological evolution

Full Text:

PDF

References


LITERATURE

Bernard Cohen I., Howard Aiken: Portrait of a Computer Pioneer, Cambridge 1999, DOI: https://doi.org/10.7551/mitpress/3594.001.0001.

Chałubińska-Jentkiewicz K., Karpiuk M., Kostrubiec J., The Legal Status of Public Entities in the Field of Cybersecurity in Poland, Maribor 2021, DOI: https://doi.org/10.4335/2021.5.

Czuryk M., Właściwość Ministra Spraw Wewnętrznych oraz Ministra Obrony Narodowej w dziedzinie bezpieczeństwa publicznego, [in:] Prawo bezpieczeństwa publicznego, eds. M. Karpiuk, K. Walczuk, Warszawa 2013.

Dauben J., Book Review: The Universal History of Numbers and The Universal History of Computing (part 1), “Notices of the AMS” 2002, vol. 49(1).

Gengler B., Super-hacker Kevin Mitnick takes a plea, “Computer Fraud & Security” 1999, no. 5, DOI: https://doi.org/10.1016/S1361-3723(99)90141-0.

Karpiuk M., Organisation of the National System of Cybersecurity: Selected Issues, “Studia Iuridica Lublinensia” 2021, vol. 30(2), DOI: http://dx.doi.org/10.17951/sil.2021.30.2.233-244.

Karpiuk M., Zakres działania służb specjalnych, [in:] M. Bożek, M. Czuryk, M. Karpiuk, J. Kostrubiec, Służby specjalne w strukturze władz publicznych. Zagadnienia prawnoustrojowe, Warszawa 2014.

Konaszczuk W., Legislacyjne rozwiązania w zakresie przeciwdziałania cyberprzestępczości w prawie podatkowym, Warszawa 2018.

Konaszczuk W., Prawnomiędzynarodowe aspekty obrotu ropą na świecie, Lublin 2017.

Konaszczuk W., Zarządzanie kryzysowe jako element bezpieczeństwa państwa w sytuacji ograniczenia lub braku dostaw gazu ziemnego tranzytem przez Ukrainę do Polski z Federacji Rosyjskiej w świetle regulacji unijnych i krajowych, [in:] Współpraca międzynarodowa w zakresie zarządzania kryzysowego. Teoria i praktyka, eds. A. Furgała, P. Niemczuk, Rzeszów 2013.

Kostrubiec J., Formy działania służb specjalnych, [in:] M. Bożek, M. Czuryk, M. Karpiuk, J. Kostrubiec, Służby specjalne w strukturze władz publicznych. Zagadnienia prawnoustrojowe, Warszawa 2014.

Kostrubiec J., The Role of Public Order Regulations as Acts of Local Law in the Performance of Tasks in the Field of Public Security by Local Self-government in Poland, “Lex localis – Journal of Local Self-Government” 2021, vol. 19(1), DOI: https://doi.org/10.4335/19.1.111-129(2021).

Massoud Amin S., Power and Energy Infrastructure: Cyber Security, Defense, and Resilience, “Georgetown Journal of International Affairs” 2015, no. 16.

Paganini P., RasGas, new cyber attack against an energy company, “Malta Independent”, 31.08.2012.

Robertson J., Riley M., Pipeline Blast Opened New Cyberwar, “Bloomberg”, 10.12.2014.

Smith M.F., Htoo N., Energy Security: Security for Whom, “Yale Human Rights and Development Law Journal” 2008, vol. 11.

Taylor J., Van Doren P., Energy Security Obsession, “Georgetown Journal of Law & Public Policy” 2008, vol. 6(2).

USA Documents, Public Affairs Office, United States Mission to the European Communities, 1973, no. 61.

ONLINE SOURCES

Analysis of Selected Electric Sector High Risk Failure Scenarios, December 2015, https://smartgrid.epri.com/doc/NESCOR%20Detailed%20Failure%20Scenarios%20v2.pdf [access: 14.07.2021].

Best Practices in Supply Chain, https://csrc.nist.gov/CSRC/media/Projects/Supply-Chain-Risk-Management/documents/case_studies/USRP_NIST_Utility_093015.pdf [access: 14.07.2021].

Critical Infrastructure Protection: Actions needed to address significant cybersecurity risks facing the electric grid, August 2019, www.gao.gov/assets/gao-19-332.pdf [access: 14.07.2021].

Cyber Security in Energy Sector: Recommendations for the European Commission on a European Strategic Framework and Potential Future Legislative Acts for the Energy Sector, EECSP Report, February 2017, https://ec.europa.eu/energy/sites/ener/files/documents/eecsp_report_final.pdf [access:12.07.2021].

Edison Electric Institute, Report 2019, www.eenews.net/energywire/stories/1060089829?t=https%3A%2F%2Fwww.eenews.net%2Fstories%2F1060089829 [access: 14.07.2021].

Gapiński K., Blackout w zachodniej Ukrainie – cyber atak o wymiarze międzynarodowym, 20.01.2016, https://pulaski.pl/komentarz-blackout-w-zachodniej-ukrainie-cyber-atak-o-wymiarze-miedzynarodowym [access: 14.07.2020].

Hopkins N., Stuxnet attack forced Britain to rethink the cyber war, 30.05.2011, www.theguardian.com/politics/2011/may/30/stuxnet-attack-cyber-war-iran [access: 14.07.2021].

International Energy Agency, Energy security Reliable, affordable access to all fuels and energy sources, www.iea.org/topics/energysecurity [access: 14.07.2021].

International Energy Agency, Member countries, www.iea.org/countries/membercountries [access: 12.07.2021].

Malboard: New Computer Attack Mimics User’s Keystroke Characteristics and Evades Detection, 5.06.2019, https://in.bgu.ac.il/en/Pages/news/Malboard.aspx [access: 14.07.2021].

McLaughlin S., Zonouz S., Pohly D., McDaniel P., A Trusted Safety Verifier for Process Controller Code, 22.02.2014, www.ndss-symposium.org/wp-content/uploads/2017/09/02_2_1.pdf [access:29.08.2021].

Ministerstwo Klimatu i Środowiska, Polityka Energetyczna Polski do 2040 roku, www.gov.pl/web/klimat/polityka-energetyczna-polski [access: 14.07.2021].

Security Tip Report (ST04-001), 6.05.2009, https://us-cert.cisa.gov/ncas/tips/ST04-001 [access: 14.07.2021].

Testimony of James B. Robb, President and Chief Executive Officer, North American Electric Reliability Corporation, Before the House Committee on Energy and Commerce, Subcommittee on Energy “Keeping the Lights On: Addressing Cyber Threats to the Grid”, 12 July 2019, www.nerc.com/news/testimony/Testimony%20and%20Speeches/House%20Energy%20and%20Commerce%20Cyber%20Hearing%20Testimony%207-12-19.pdf [access: 14.07.2021].

United Nations, Report of the Tenth United Nations Congress on the Prevention of Crime and the Treatment of Offenders, Vienna, 10–17.04.2000, https://digitallibrary.un.org/record/432663/files/A_CONF.187_15-EN.pdf [access: 17.07.2021].

U.S. Energy Information Administration, Saudi Arabia Analysis, 2013, www.eia.gov/countries/cab.cfm?fips=SA [access: 14.07.2021].

LEGAL ACTS

Act of 17 February 2005 on the computerization of operation of entities which perform public tasks (Journal of Laws 2020, items 346, 568 and 695).

Act of 5 July 2018 on the national cybersecurity system (Journal of Laws 2020, item 1369).

Commission Recommendation (EU) 2019/553 of 3 April 2019 on cybersecurity in the energy sector (notified under document C(2019) 2400) (OJ L 96/50, 5.04.2019).

Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (OJ EU L 194/1, 19.07.2016).

Resolution of the UN General Assembly no. 55/63 of 22 January 2001, A/RES/55/63.

Resolution of the UN General Assembly no. 56/121 of 22 January 2001, A/RES/56/121.

Resolution of the UN General Assembly no. 60/177 of 16 December 2005, A/RES/60/177.

Resolution of the UN General Assembly no. 64/211 of 17 March 2010, A/RES/64/211.

Resolution of the UN General Assembly no. 65/230 of 21 December 2010, A/RES/65/230.

United Nations Convention against Transnational Organized Crime (UNTOC) adopted by General Assembly on 15 November 2000, United Nations Treaty Series, vol. 2225.




DOI: http://dx.doi.org/10.17951/sil.2021.30.4.333-351
Date of publication: 2021-10-13 00:45:46
Date of submission: 2021-07-17 18:28:43


Statistics


Total abstract view - 2016
Downloads (from 2020-06-17) - PDF - 0

Indicators



Refbacks

  • There are currently no refbacks.


Copyright (c) 2021 Wojciech Konaszczuk

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.