In a report released by Verizon, data shows that criminals are looking to kidnap credential information from giant, global energy companies. More than 60% of all attacks were phishing attacks, a technique to trick users into obtaining confidential information
A recent report by Verizon, a US telecommunications company, points to the energy sector, which encompasses oil, gas, mining, and extraction, as one of the most targeted for cyber attacks.
Not to mention the global energy crisis, driven by the conflict between Russia and Ukraine, the energy and extraction industries end up becoming potential targets for cybercriminals, both because of their strategic positions within world economies, and because of the valuable information that can be “traded” for absurd amounts, and even used for espionage.
“The energy area is the most strategic among all infrastructures, because, besides direct financial gains, adversaries can extort from companies that maintain an essential service to society. In addition, more sophisticated adversaries, such as APT (Advanced Persistent Threats) groups and nation-states may be interested in gaining access to the sector’s control platforms for strategic operations,” says Sandro Süffert, CEO of Apura Cyber Intelligence, which operates in the development of solutions for monitoring and detection of possible cyber threats and works in partnership with companies around the world, such as Verizon itself.
And, in this sense, the threat is on a global scale. Whether private international conglomerates such as Exxon Mobil (United States), RDSA (Netherlands), Gazprom (Russia), or companies linked to local governments, such as PetroChina (China) and Petrobras (Brazil), the boldness of criminals is unlimited and security holes in networks and information are tested all the time, in an attempt to find flaws that allow attacks.
According to the report, in 2021, the year of analysis, there were 403 incidents monitored, and 179 that had confirmation of data leakage; 78% had a financial motivation, while 22% of the threats sought to break the secrecy of data for espionage.
It is noteworthy that more than 60% of all attacks were phishing attacks, which is a social engineering technique used to trick users into obtaining confidential information such as usernames, passwords, and credit card details from fake messages such as email, links, websites, and even apps. The most commonly used medium, according to the report, was company email servers, followed by web and desktop applications.
This led to the large number of stolen credentials (potentially collected by phishing) and ransomware, which is the “kidnapping” of information for ransom. “Having this data in hand gives criminals a lot of bargaining power,” says Süffert.
The specialist also points out that the problem could be much greater if it weren’t for companies that are becoming increasingly specialized in developing solutions that seek to identify threats before they consolidate into effective attacks. Systems like BTTng monitor millions of pieces of information on the Internet in search of patterns that could point to a possible threat and, thus, issue alerts for the company to redouble its attention and activate its protection systems to the maximum level, including warning employees about the risks of accessing any uncertified content.
“The creativity and audacity of the bandits is very high and, for this reason, the fewer opportunities and greater prevention the energy companies invest in, the lower the risk of having to deal with the loss of valuable information,” concludes Sandro Süffert.
To view the report: https://www.verizon.com/business/resources/reports/dbir/