Threat is on a global scale. Whether private international conglomerates, such as Exxon Mobil (United States), RDSA (Netherlands), Gazprom (Russia), or companies linked to local governments, such as PetroChina (China) and Petrobras (Brazil)
A recent report by Verizon, an American telecommunications company, points out that the energy sector, which includes oil, gas, mining and extraction, as one of the most targeted for cyber attacks.
Not to mention the global energy crisis, driven by the conflict between Russia and Ukraine, the energy and extraction industries end up becoming a potential target for cybercriminals, both because of their strategic positions within world economies and the valuable information they provide. they can be “exchanged” for absurd amounts, and even used for espionage.
Energy area is the most strategic among all infrastructures
“The energy area is the most strategic of all infrastructures, because, in addition to direct financial gains, opponents can extort companies that maintain an essential service to society. Furthermore, more sophisticated adversaries, such as APT (Advanced Persistent Threats) groups and nation states may be interested in having access to the sector's control platforms for strategic operations", says Sandro Süffert, CEO of Apura Cyber Intelligence, which operates in the development of solutions for monitoring and detection of possible virtual threats and works in partnership with companies around the world, such as Verizon itself.
- Keep an eye out! Federal Revenue Service issues warning about the use of Pix and credit cards; understand
- US, now led by Trump, announces colossal investment of R$2,5 TRILLION in Artificial Intelligence (AI)
- Elon Musk: The power of saying 'NO' revealed by ex-wife who explains the billionaire's secret to success
- Looking in the rearview mirror! Argentina moves forward and leaves Brazil behind in yet another requirement
And in that sense, the threat is on a global scale. Whether private international conglomerates, such as Exxon Mobil (United States), RDSA (Netherlands), Gazprom (Russia), or companies linked to local governments, such as PetroChina (China) and Petrobras (Brazil), the boldness of criminals is unlimited and gaps in the security of networks and information are tested all the time, in an attempt to find flaws that allow attacks.
According to the report, in 2021, the year of analysis, there were 403 incidents monitored, and 179 that had confirmation of data leakage; 78% were financially motivated, while 22% of the threats sought to break data secrecy for espionage.
More than 60% of all attacks were phishing, a technique to deceive users and obtain confidential information
It is noteworthy that more than 60% of all attacks were phishing, which is a social engineering technique used to deceive users and obtain confidential information, such as username, password and credit card details, from fake messages, such as email, links, websites and even apps. The most used medium, according to the report, was the company's e-mail servers, followed by web and desktop applications.
This has led to large numbers of stolen credentials (potentially collected by phishing) and ransomware, which is the “kidnapping” of information in exchange for ransoms. “Having this data in hand gives criminals a lot of bargaining power,” says Süffert.
The expert also points out that the problem could be much bigger if it weren't for companies that are increasingly specializing in the development of solutions that seek to identify threats before they consolidate into effective attacks. Systems such as BTTng monitor millions of pieces of information on the internet in search of patterns that may point to a possible threat and, thus, issue alerts for the company to redouble its attention and activate its protection systems at the maximum level, including warning employees to risks of accessing any uncertified content.
“The creativity and daring of the bandits is very great and, for this reason, the fewer opportunities and greater prevention energy companies invest, the lower the risk of having to deal with the loss of valuable information”, concludes Sandro Süffert.
Click here to view the report.