Spear Phishing: Energy Sector Targeted

Monday, April 8, 2013 @ 05:04 PM gHale


A spear-phishing campaign targeted the systems of 11 energy sector companies, according to a report from the Department of Homeland Security (DHS).

The campaign was active in October 2012 and it used publicly available information.

RELATED STORIES
Malware Hits Apache Servers
Blog Compromised Malware Injected
Spear Phishing Takes it Up a Notch
APT Disconnect Means Poor Defense

In order to target specific individuals within the energy sector, the attackers harvested information available on the companies’ websites. They utilized names, email addresses, company affiliations and work titles to make the emails they sent out more legitimate-looking.

“Malicious emails were crafted informing the recipients of the sender’s new email address and asked them to click on the attached link. This link led to a site that contained malware. Another email with a malicious attachment may also have been associated with this campaign,” the DHS report said.
http://ics-cert.us-cert.gov/pdf/ICS-CERT_Monitor_Jan-Mar2013.pdf

Working with the ES-ISAC, officials were able to determine 11 entities ended up targeted in this campaign, and luckily no known infections or intrusions occurred. ICS-CERT worked with our partners at the ES-ISAC to coordinate support for the targeted entities.

The DHS said publicly accessible information found on company websites and social media accounts are a valuable resource for cybercriminals.

That’s why the agency advises organizations to limit the business-related information published on their websites. In addition, users should be cautious about the business-related and personal information they share on social networks.



Leave a Reply

You must be logged in to post a comment.