The Dark Web Is A Threat To The Oil And Gas Industry

Searchlight Cyber has released new research today describing how threat actors auction off access to oil and gas industry networks on the Dark Web. Someone should tell the oil and gas industry about this, as researchers found that more than 27% of energy industry CISOs said that they believe activity on the dark web has no impact on their company.

“The report we have released today – Dark Web Threats Against the Energy Industry – demonstrates conclusively that that is not the case by showing that energy companies are routinely discussed on dark web forums.” (Searchlight report)

Cybercriminals have shifted their attention beyond banks and insurance companies and are now directing their efforts towards enterprises operating in various industries like healthcare, oil and gas (think Colonial Pipeline), and manufacturing.

“The global oil & gas industry experienced a 145% rise in company filings mentions of cybersecurity in Q1 2023 compared with the previous quarter … according to GlobalData’s analysis of over 338 oil & gas company filings.” URL: https://www.offshore-technology.com/dashboards/filings/cybersecurity-mentions-oil-gas-industry/

Stephen Gates, Principal Security SME, Horizon3.ai had this comment:

  1. I think it’s clear that threat actors have moved beyond the financial and insurance sectors, but this is still all about “the money”. Previously, attackers would look to compromise organizations in these sectors for the sole purpose of stealing PII and selling it to the highest bidder. But today, it’s easier to compromise an organization and hold them for ransom since the payouts are much larger. And as we have seen, cities, universities, non-commercial entities, and pretty much every other type of organization has experienced some form of ransom-based attacks.
  2. In nearly every attack that has resulted in a breach of security posture, threat actors first gain a foothold in the organization or find an attack vector where one can easily be obtained. In this case, they next auction that information off since they do not want to perform a potential ransom-based attack on their own. This is like someone who builds a list of consumers, then sells that list to someone else who wants to take it to the next level.
  3. I feel the energy industry is aware of the threats and understands the risks, but are they prepared for an attack? Likely not. The reason is that energy companies have much different infrastructures as compared to banks or insurance companies. Energy companies have networks so office employees can do their jobs, while at the same time they have other networks used for delivery and distribution of their energy products. Both are widely different in the context of what can be attacked and how an attack would progress.

You would think that the oil and gas industry would improve their security after the Colonial Pipeline incident. I for one hope they have as they’re clearly a target. And that means we’ll find out very quickly if they haven’t done everything possible to make themselves attack resistant.
