Energy Companies See Email, Hacktivists as Major Cybersecurity Threats

A recent study finds that 61% of energy firms view email as the biggest threat vector for cyberattacks via malware, and that hacktivists are seen as posing the biggest threat to energy companies.

A recent study found that 61 percent of energy firms view email as the biggest threat vector for cyberattacks via malware, and that hacktivists are seen as posing the biggest threat to energy companies.

The study by ThreatTrack Security examined the vulnerabilities of energy and financial service firms – the industries that are most frequently targeted by cybercriminals. Both industries are under constant pressure from attackers due to the high-value assets they own, which represents a significant risk for the U.S. economy and critical physical infrastructure, ThreatTrack said in a May 7 press release.

“There are a wide range of threat actors and attack vectors targeting these two industries, and ThreatTrack Security’s report investigates the challenges in these organizations face in defending themselves, and what they plan to do to increase security,” said ThreatTrack.

According to the study, 72 percent of respondents from both industries are confident their company will be targeted by an Advanced Persistent Threat, targeted malware attack or other sophisticated cybercrime or cyber-espionage tactics in the next 12 months. Of these respondents, 38 percent of the survey respondents said an attack was a certainty or highly unlikely.

Email remains a top threat vector for many industry sectors, including energy, said Dodi Glenn, Sr., director of security intelligence and research labs at ThreatTrack Security, which processes nearly 200,000 new malware threats each day, and whose technology protects over 10 million endpoints worldwide.

“Whether it’s spam harboring links to malicious websites or spreading infected documents, users’ propensity to click first and ask questions later is a common cause of malware infection and a potential first step in a targeted cyberattack,” Glenn explained. “Other threats like phishing – tricking users into divulging personal information and passwords – is another pervasive cybercrime tactic.”

Source: ThreatTrack

Glenn told Rigzone that the company wasn’t surprised to hear that energy firms were more concerned about email than web threats. However, it was surprising that the gap was so large (email 61 percent and web 25 percent) given that web threats generate a lot of infections and headaches for security professionals.