Manufacturing, Energy: Targeted Attacks Growing

Wednesday, January 15, 2014 @ 05:01 PM gHale

The manufacturing and energy sectors are in the top five industries for targeted attacks, a new whitepaper said.

In the first half of 2013, the manufacturing sector was the second most targeted sector worldwide and the energy sector was the fifth most targeted sector worldwide, experiencing 7.6 percent of all cyber attacks, according the a new whitepaper released by Symantec, entitled “Targeted Attacks Against the Energy Sector.”

RELATED STORIES
Icefog Backdoor Targets Oil Firm
Cyber Attacks Top Threat to Nation
Securing ‘Internet of Things’
Senior Mgt Biggest Security Violators

Symantec said from July 2012 to June 2013, it observed an average of nine attacks per day against the energy sector.

The top five sectors, according to the white paper, were government, manufacturing, banking/financial services/real estate, computer IT and services, and energy.

“Reports of attempted attacks against the companies and industries that supply it (the energy sector) are increasing every year,” Symantec said. While there were sectors that rated higher in terms of being targeted, this whitepaper mainly focused on the energy sector.

“Companies in the sector are facing a growing risk of having their services interrupted or losing data,” the report said. “The threat to energy firms is only likely to increase in the coming years as new developments, such as further extensions of smart grids and smart metering, expose more infrastructure to the Internet. Equipment that is not connected to the Internet and other networks is not immune to threats and there have already been a number of successful attacks against isolated systems. Operators of critical infrastructure, as well as energy utility companies, need to be aware of these threats and prepare accordingly.”

“So, it’s not surprising that in May 2013, the US Department of Homeland Security warned of a rising tide of attacks aimed at sabotaging processes at energy companies. At Symantec, our researchers are finding that traditional energy utility companies are particularly concerned about scenarios created by the likes of Stuxnet or Disttrack/Shamoon which can sabotage industrial facilities.

“We are also learning that aggressors who target the energy sector also try to steal intellectual property on new technology, like wind or solar power generators or gas field exploration charts.”

“During the monitoring period from July 2012 to June 2013, we observed an average of 74 targeted attacks per day globally. Of these, nine attacks per day targeted the energy sector,” said the white paper. “Accounting for 16.3 percent of all attacks, the energy sector was the second most targeted vertical in the last six months of 2012, with only the government/public sector exceeding it with 25.4 percent of all attacks. The high ranking was mainly due to a major attack against a global oil company, which we observed in September 2012.

“Not all of the attacks analyzed used highly sophisticated tools. Most of them could have been prevented by following best practice guidelines for protecting the IT infrastructure and the industrial components, indicating that despite high revenues and strategic importance, many energy sector companies are not prioritizing cybersecurity.”

Click here to view the entire white paper.



Leave a Reply

You must be logged in to post a comment.