Threat Is Global. These Are Private International Conglomerates, Such as Exxon Mobil (United States), RDSA (Netherlands), Gazprom (Russia), or Companies Linked to Local Governments, Such as PetroChina (China) and Petrobras (Brazil)
A recent report from Verizon, an American telecommunications company, identifies the energy sector, which includes oil, gas, mining, and extraction, as one of the most targeted for cyberattacks.
Not to mention the global energy crisis, driven by the conflict between Russia and Ukraine, the energy and extraction industries have become potential targets for cybercriminals, both because of their strategic positions within global economies and the valuable information that can be “traded” for exorbitant sums, and even used for espionage.
The Energy Sector Is the Most Strategic Among All Infrastructures
“The energy sector is the most strategic among all infrastructures, as, in addition to direct financial gains, adversaries can extort companies that provide essential services to society. Furthermore, more sophisticated adversaries, such as APT (Advanced Persistent Threat) groups and nation-states may be interested in accessing control platforms in the sector for strategic operations,” says Sandro Süffert, CEO of Apura Cyber Intelligence, which develops solutions for monitoring and detecting potential virtual threats and partners with companies worldwide, including Verizon itself.
-
At 14 years old, she worked in a factory in Hong Kong, studied economics abroad, and then entered the Chinese real estate market, which helped change the landscape of Beijing.
-
While NATO secured more than $10 billion in missiles and space surveillance at a single forum, Brazil still spends 1.1% of its GDP on defense and is stalling its own anti-aircraft system.
-
Corn ethanol attracts R$ 23 billion in 21 new plants and prepares for a nearly 50% jump in Brazilian production by 2027, even with high interest rates.
-
A newly opened terminal in the middle of the Amazon has begun transporting soy and corn through Amapá, eyeing the queue of ships that is congesting the ports in the South.
And, in this regard, the threat is global. These are private international conglomerates, such as Exxon Mobil (United States), RDSA (Netherlands), Gazprom (Russia), or companies linked to local governments, such as PetroChina (China) and Petrobras (Brazil), the boldness of criminals is limitless, and gaps in network and information security are tested all the time in an attempt to find flaws that allow attacks.
According to the report, in 2021, the year of analysis, there were 403 monitored incidents, and 179 confirmed data breaches; 78% had financial motivation, while 22% of the threats sought data confidentiality breaches for espionage.
Over 60% of All Attacks Were Phishing, a Technique to Deceive Users and Obtain Confidential Information
It is noteworthy that over 60% of all attacks were phishing, which is a social engineering technique used to deceive users and obtain confidential information, such as usernames, passwords, and credit card details, through fake messages, such as emails, links, websites, and even apps. The most commonly used medium, according to the report, was corporate email servers, followed by web and desktop applications.
This led to a large number of stolen credentials (potentially collected through phishing) and ransomware, which is the “kidnapping” of information in exchange for ransom. “Having this data in hand gives criminals significant bargaining power,” says Süffert.
The expert also points out that the problem could be much larger if it weren’t for companies that specialize more each day in developing solutions that aim to identify threats before they materialize into effective attacks. Systems like BTTng monitor millions of pieces of information on the internet for patterns that could indicate a potential threat and thus issue alerts for the company to increase vigilance and activate its protection systems to the maximum level, even warning employees about the risks of accessing any uncertified content.
“The creativity and boldness of the criminals are vast, and for this reason, the fewer opportunities and the greater prevention that energy companies invest in, the lower the risk of having to deal with the loss of valuable information,” concludes Sandro Süffert.
Click Here to consult the report.
