Our energy infrastructure is often a politicized point of discussion. Should we, as a society, move toward greener energy sources such as wind and solar? Should we do more to prop up the industries of coal, oil and gas? This debate will likely drag on for years to come "“ but one thing we can all agree on is that we would prefer to keep our energy companies safe from malicious intruders.
Believe it or not, the energy sector is a top target for cyber crooks and state-sponsored hackers. Fortunately, a robust cybersecurity policy which includes cyber insurance can help companies face down these threats.
Below, CyberPolicy discusses the risks posed to private companies and our energy infrastructure and what can be done to bolster defenses.
Shock & Awe
According to ZDNet , over two dozen utility providers and energy companies in the United States and Europe have been attacked by the Dragonfly group. This cyber espionage collective, also known as Crouching Yeti or Energetic Bear, disappeared for a couple years only to return with a vengeance --and a slew of sophisticated attacks.
Researchers at Symantec believe the " Dragonfly 2.0 " group has attacked 20 U.S. organizations, six in Turkey and one in Switzerland. And you'll never believe how they did it.
The refreshed attackers broke back into the hacking scene with an email invitation to a New Year's Eve party aimed at the energy sector in late 2015. When an unsuspecting victim opened the email, a malicious attachment would activate and steal the user's login information. These phishing attacks continued throughout 2016 and 2017, disguised as job applications and event invitations.
The collective also made use of watering hole scams which hide malware in compromised websites likely to be visited by nuclear and energy sector employees. But incursion and credential swiping is just step one. The real goal is to install a Trojan virus into the victim's computer, which allows for remote access to anything and everything.
It's important to note that the specific forms of malware employed are strongly correlated to the Dragonfly group, which is one of the reasons cybersecurity experts are certain of its culpability.
Then again, Dragonfly 2.0 isn't the only group wreaking havoc on energy utility companies. State-sponsored hackers compromised power systems in the Ukraine last year; and North Korea has been gunning for U.S. electric power companies for quite some time.
But don't abandon hope just yet. There are a number of ways utility companies can protect themselves, ranging from minor behavioral changes within their organizations to high-tech security solutions. For example, training staff members to identify and avoid suspicious emails, websites and downloads is enough to thwart incursion. On the techie side, organizations can adopt machine-learning solutions to flag dubious activities and third-party defense analysts can test your network for security gaps.
Of course, the final piece of any cybersecurity policy should be an investment in cyber insurance from a reputable provider. Even if your organization is victimized by a cybercriminal, your insurance provider will be able to help you get your business back on track.
Visit CyberPolicy today for more information!