Security Experts:

Connect with us

Hi, what are you looking for?


Malware & Threats

Energy Sector Faces Rocky Cyber-Threat Landscape: Report

It should come as no surprise to anyone that attackers are interested in critical infrastructure companies. But the level and sophistication of the attacks targeting the energy sector are more than enough to give the security community pause.

It should come as no surprise to anyone that attackers are interested in critical infrastructure companies. But the level and sophistication of the attacks targeting the energy sector are more than enough to give the security community pause.

The threat landscape these companies are facing is the subject of a new paper from security firm Symantec, which takes a long look at the dangers circling the industry. Between July 2012 to June 2013, Symantec saw an average of 74 targeted attacks per day across the globe. Of these, nine attacks per day targeted the energy sector.

“Accounting for 16.3 percent of all attacks, the energy sector was the second most targeted vertical in the last six months of 2012, with only the government/public sector exceeding it with 25.4 percent of all attacks,” Symantec noted. “The high ranking was mainly due to a major attack against a global oil company, which we observed in September 2012. However, in the first half of 2013 the energy sector continued to attract a high proportion of attacks, ranking in fifth place with 7.6 percent of targeted attacks.”

Energy Industry Targeted by Cyber Attacks

The motivations and origins of attacks can vary, with both business and political rivalries playing a part. According to Symantec researcher Candid Wueest, it is not uncommon for rival companies to commission attacks against fellow corporations, and hacker-for-hire groups such as the ‘Hidden Lynx’ group are more than willing to participate.

Next on the list are politically-minded hackers who sometimes work for foreign governments, he added.

“State-sponsored hackers could target energy firms in an attempt to disable critical infrastructure,” he noted. “Hacktivist groups may also victimize companies to further their own political goals.”

Typically, the attackers go after valuable information, but when the goal of the attack is sabotage, this might not be the case. Nevertheless, attacks focused on sabotage such as Stuxnet and Shamoon can still lead to significant financial losses for companies, and are often the work of state-sponsored agents or hacktivists, Symantec noted.

“Fortunately, there have not been many successful sabotage attacks against energy companies to date,” according to the paper. “However, the increasing number of connected systems and centralized control for ICS systems means that the risk of attacks in the future will increase. Energy and utility companies need to be aware of these risks and plan accordingly to protect their valuable information as well as their ICS or SCADA networks.”

“Our research has found that modern energy systems are becoming more complex,” blogged Wueest. “There are supervisory control and data acquisition (SCADA) or industrial control systems (ICS) that sit outside of traditional security walls. And as smart grid technology continues to gain momentum, more new energy systems will be connected to the Internet of Things, which opens up new security vulnerabilities related to having countless connected devices.”

“In addition to this, many countries have started to open the energy market and add smaller contributors to the electric power grid, such as private water power plants, wind turbines or solar collectors,” he continued. “While these smaller sites make up only a small portion of the grid, the decentralized power input feeds can be a challenge to manage with limited IT resources and need to be carefully monitored to avoid small outages that could create a domino effect throughout the larger grid.”

The paper can be downloaded here.

Related: Cyber Attacks Against Energy Sector Jump in 2013

RelatedCyber Attacks Targeted Key Components of Natural Gas Pipeline Systems

Related: Energy Sector at Higher Risk of Brute Force Attacks and Malware Threats

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.


Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Malware & Threats

Security researchers are warning of a new wave of malicious NPM and PyPI packages designed to steal user information and download additional payloads.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.