Perhaps for that reason, energy companies are increasingly coming into the sights of hackers. According to a February IBM analysis, energy companies were the third most targeted sector for cyberattacks, after finance and manufacturing. For any company, updating and securing computer systems is fairly straight-forward and routine, Howard said. But protecting internet-connected physical infrastructure remains costly and tedious, he said.

“The unfortunate truth,” said Dan Schiappa, chief product officer at Sophos, “is that infrastructure today is so vulnerable that just about anyone who wants to get in can get in.”

📬 Sign up for the Daily Brief

Our free, fast, and fun briefing on the global economy, delivered every weekday morning.