Energy industry vulnerable to attacks on outdated systems
Critical infrastructure sites and energy distribution facilities are increasingly being targeted by cybercriminals. But many of the systems in use today were installed and built before 24/7 internet connections.
A new report from Finnish cybersecurity company F-Secure highlights the fact that cybersecurity was not a realistic threat when these systems were manufactured, and legacy protocols and systems never had the built-in security controls that we take for granted today. Connecting these systems to the internet has opened them up to attacks from myriad angles.
“Espionage and sabotage attacks against CNI (Critical National Infrastructure) organizations have increased over the years and I don’t think we have seen it all yet,” says Sami Ruohonen, Labs Threat Researcher at F-Secure. “Critical Infrastructure due to its nature is an interesting target for a foreign nation-state, even during peacetime.”
Among the report’s findings are that a variety of different adversaries, each with their own motivations and tradecraft, constantly strive to compromise organizations that operate critical infrastructure.
Nation-state sponsored advanced persistent threat (APT) groups are relentless, and continue to seek network foothold positions on CNIs and espionage opportunities in the interests of exercising political leverage.
Nine different attackers, malware types and techniques targeting the energy industry stand out, with spear phishing being the most common initial supply chain attack technique….