fbpx

Obrela Digital Universe Study: Q2 2021

29 July 2021 - by George Papamargaritis

Colonial Pipeline fuels a surge in attacks on oil and gas

Looking back at cyber-attacks over the last quarter, Colonial Pipeline easily holds the beacon for the incident that prompted the most concern. The well-publicised attack caused fuel shortages across the East Coast of the United States, resulting in people missing work, children missing school, looting and fires, putting lives at serious risk. Finally, the world was seeing what the security industry had been predicting for years – cyber-attacks having a physical impact and interfering with people’s daily lives.

Following the incident, the US government stepped up its focus on cyber security, with President Biden introducing new laws around the security of critical national infrastructure and warning the Russian President that the sector should be off-limits when it comes to cyber attacks.

However, based on Obrela’s latest Digital Universe Study, Biden’s warnings are having little effect, with data from the last quarter showing that cyber attacks on oil and gas have significantly increased across the industry’s entire IT estate in the last three months.

 

Obrela’s Digital Universe Study

Every quarter releases its Digital Universe Study, which is a roundup of the attacks targeting our customers from the last three months. The study runs a comparison from the same quarter in the previous year to understand how attacker techniques are changing, which industries and continents are facing the most attacks and what within the IT infrastructure is being attacked most frequently.

 

Key findings from the April – June 2021 revealed:

  • Oil and gas was one of the only industries to consistently see an increase in attacks on its systems, while many other industries actually saw a reduction
  • The industry saw:
    • An 18 percent increase in attacks on its users and endpoints
    • A 22 percent increase in attacks on its cloud environments
    • A 12 percent increase in attacks on its IT infrastructure
    • A 29 percent increase in attacks on its system / perimeters
    • A 14 percent increase in web attacks
    • A 22 percent increase in APT / malware attacks

 

The data highlights that as the world watched Colonial Pipeline fall to its knees at the hands of ransomware, attacks on the whole oil and gas sector were heating up as cybercriminals across the globe tried to cash in on other pipelines.

The latest victim is Saudi Aramco, the world’s most valuable oil producer, which is currently being held to ransom by cybercriminals for $50 million following a leak of its data on the dark web. This reinforces the findings of Obrela’s data – attacks on oil and gas are rising and we should expect them to get worse as cybercriminals test the industry’s defences.

 

Even despite President Biden’s warnings in June that critical national infrastructure should be off-limits, our data reveals that the oil and gas sector is a prime target for cybercriminals today, which has most likely been prompted by the attack on Colonial Pipeline. When Colonial Pipeline publicly admitted to paying the ransom, attackers gained intelligence around how a successful attack on the sector is almost guaranteed to amount in a pay-out. The sector is at a greater risk than ever before and addressing security risks and hardening systems must be the number one priority,” said George Papamargaritis, MSS Director at Obrela.

 

Additional findings from the study revealed that:

  • The healthcare sector saw a 71 percent increase in attacks on IoT
  • Q2 2021 saw a 58 percent decrease in attacks on banking and finance users and endpoints
  • Q2 2021 saw a 66 percent decrease in attacks on banking and finance IT infrastructure
  • Q2 saw an 88 percent increase in brand attacks within the food and beverages sector

 

Download the infographic.

LATEST UPDATES

Obrela’s Digital Universe Study: Europe sees 67% increase in brand attacks

21 April 2021 - by George Papamargaritis

Every quarter Obrela Security Industries releases its Digital Universe Study, which is a round up of the attacks targeting our customers from the last three months.

The study runs a comparison from the same quarter of the previous year to understand how attacker techniques are changing, which industries and continents are facing the most attacks and what within the IT infrastructure is being attacked most frequently.

 

Highlights

Some of the key findings from the latest study highlight:

  • In the first quarter of 2021, Obrela’s data shows there was a 67% increase in attacks targeting organisation’s brands in Western Europe.
  • Security attacks on cloud infrastructure within oil and gas organisations increased by over 24%.
  • There was a 19% increase in attacks targeting endpoints and users within the banking and finance industry.
  • There was a 76% increase in attacks targeting healthcare organisations.
  • IoT attacks in healthcare saw an increase of 57%.
  • Attacks on brand saw the biggest increase overall, with construction and food and beverage seeing a 100% increase in attacks compared to Q1 2020.
  • Western Europe saw a 67% increase in brand attacks.
  • Users in Western Europe were the most heavily targeted, with a 39% increase in attacks.

 

Putting the numbers into perspective

In the last year, the world has found itself in an unfamiliar situation, where almost every person on the planet has had to adapt their lifestyle because of the pandemic. The same goes for cybercriminals.

Our data shows that cybercriminals have adapted their attack techniques to suit the changing global environment. This can be seen in the increase in attacks targeting users and endpoints.

The healthcare industry has also come under significant pressure, particularly as vaccine programs get underway. The COVID vaccine is one of the hottest commodities on the planet, and the increase in attacks targeting the industry highlights that cybercriminals are doing all they can to get their hands on it.

One of the data points that stands out most is the increase in attacks on brands. Recent data has shown just how negatively brand damage can impact a company’s reputation, so it is not surprising cybercriminals are upping their efforts to hurt businesses at their very core. These attacks can take a variety of forms; many involve using social media as a platform to spread fake news or using c-level executive social platforms to send out phishing links.

Overall, our data shows that even despite the hardship of the last year, attackers are more determined than ever and show no signs of slowing down. Therefore, the best defence is a platform or service which can secure an organisation’s digital universe – regardless of where attacks are coming from or what area of a company’s online infrastructure they are targeting. This will alleviate pressure from internal IT teams and minimise organisations becoming overwhelmed from trying to manage too many products and pieces of technology, which could inadvertently put them at risk.

 

The full Obrela report is available on Professional Security.

LATEST UPDATES