Last week (the week of 19th April), the oil and gas sector was attacked 12 million times and we are talking only about sophisticated attacks here. The attackers were using sophisticated malware and breach tactics to create multiple breaches thereby increasing the chances of a successful attack. As this vital sector tries to get back on its feet, threat actors are already working hard to derail the recovery efforts.
So why is this sector getting attacked so often and with such high levels of persistence?
There are six reasons for this.
- Hackers have been able to study the oil and gas infrastructure and vulnerabilities extensively in the last 24 months and are using that information to target oil and gas companies. Most of this work was done using reconnaissance malware.
- Breached data that is already available on the Dark Web and other forums are being used in some of these attacks.
- APT actors have started showing more interest in oil and gas operations of companies located in the Middle East, USA, and the UK
- The incidence of new malware used in these attacks is low right now (less than 2 percent). Most of these attacks were carried out using variants of know malware such as Jigsaw, NotPetya, Ryuk, Ekanas, and Tesla malware. The morphological aspects of these malware were modified suitably to help them evade signature-based detection systems.
- Stretched Security Operations Center teams and systems being brought online after long hiatus without applying patches and updates.
- Modification of privileges to account for employees working from home.
Subex has extensive experience in detecting and preventing such sophisticated attacks. In addition to our threat intelligence gathering infrastructure that generates real-time and multi-sectoral threat intelligence we also have an IoT and OT security solution that can secure your assets, data, and infrastructure from these attacks.
Talk to us today to learn how you can defend your upstream, midstream, and downstream assets.
To learn more of the best practices download the white paper on Cybersecurity approaches for the Oil and gas Industry.
Prayukth K V has been actively involved in productizing and promoting cross eco-system collaboration in the emerging tech and cybersecurity domains for over a decade. A marketer by profession and a published author, he has also proposed and promoted critical infrastructure protection strategies that rely on in-depth threat research and deflection strategies to deceive hackers and malware. Having been at the frontlines of cyber securing infrastructure, Prayukth has seen cyberattacks and defence tactics at close quarters.