1. Home
  2. / Economy
  3. / Energy sector becomes a preferred target of cyber attacks due to strategic positioning within the global economy and valuable information that can be exchanged for absurd amounts and even serve for espionage
reading time 3 min read

Energy sector becomes a preferred target of cyber attacks due to strategic positioning within the global economy and valuable information that can be exchanged for absurd amounts and even serve for espionage

Written by Flavia Marinho
Published 04/08/2022 às 14:15
Updated 22/08/2022 às 17:57
energy - cyberattacks - global economy - espionage
itForum image

Threat is on a global scale. Whether private international conglomerates, such as Exxon Mobil (United States), RDSA (Netherlands), Gazprom (Russia), or companies linked to local governments, such as PetroChina (China) and Petrobras (Brazil)

A recent report by Verizon, an American telecommunications company, points out that the energy sector, which includes oil, gas, mining and extraction, as one of the most targeted for cyber attacks.

Not to mention the global energy crisis, driven by the conflict between Russia and Ukraine, the energy and extraction industries end up becoming a potential target for cybercriminals, both because of their strategic positions within world economies and the valuable information they provide. they can be “exchanged” for absurd amounts, and even used for espionage.

Energy area is the most strategic among all infrastructures

“The energy area is the most strategic of all infrastructures, because, in addition to direct financial gains, opponents can extort companies that maintain an essential service to society. Furthermore, more sophisticated adversaries, such as APT (Advanced Persistent Threats) groups and nation states may be interested in having access to the sector's control platforms for strategic operations", says Sandro Süffert, CEO of Apura Cyber ​​Intelligence, which operates in the development of solutions for monitoring and detection of possible virtual threats and works in partnership with companies around the world, such as Verizon itself.

And in that sense, the threat is on a global scale. Whether private international conglomerates, such as Exxon Mobil (United States), RDSA (Netherlands), Gazprom (Russia), or companies linked to local governments, such as PetroChina (China) and Petrobras (Brazil), the boldness of criminals is unlimited and gaps in the security of networks and information are tested all the time, in an attempt to find flaws that allow attacks.

According to the report, in 2021, the year of analysis, there were 403 incidents monitored, and 179 that had confirmation of data leakage; 78% were financially motivated, while 22% of the threats sought to break data secrecy for espionage.

More than 60% of all attacks were phishing, a technique to deceive users and obtain confidential information

It is noteworthy that more than 60% of all attacks were phishing, which is a social engineering technique used to deceive users and obtain confidential information, such as username, password and credit card details, from fake messages, such as email, links, websites and even apps. The most used medium, according to the report, was the company's e-mail servers, followed by web and desktop applications.

This has led to large numbers of stolen credentials (potentially collected by phishing) and ransomware, which is the “kidnapping” of information in exchange for ransoms. “Having this data in hand gives criminals a lot of bargaining power,” says Süffert.

The expert also points out that the problem could be much bigger if it weren't for companies that are increasingly specializing in the development of solutions that seek to identify threats before they consolidate into effective attacks. Systems such as BTTng monitor millions of pieces of information on the internet in search of patterns that may point to a possible threat and, thus, issue alerts for the company to redouble its attention and activate its protection systems at the maximum level, including warning employees to risks of accessing any uncertified content.

“The creativity and daring of the bandits is very great and, for this reason, the fewer opportunities and greater prevention energy companies invest, the lower the risk of having to deal with the loss of valuable information”, concludes Sandro Süffert.

Click here to view the report.

Be the first to react!
React to article
Tags
Flavia Marinho

Flavia Marinho is a postgraduate engineer with extensive experience in the onshore and offshore shipbuilding industry. In recent years, she has dedicated herself to writing articles for news websites in the areas of industry, oil and gas, energy, shipbuilding, geopolitics, jobs and courses. Contact flaviacamil@gmail.com for suggestions, job openings or advertising on our website. Do not send your resume, we are not hiring!

Share across apps