Looking back at cyber-attacks over the last quarter, Colonial Pipeline easily holds the beacon for the incident that prompted the most concern. The well-publicised attack caused fuel shortages across the East Coast of the United States, resulting in people missing work, children missing school, looting and fires, putting lives at serious risk. Finally, the world was seeing what the security industry had been predicting for years – cyber-attacks having a physical impact and interfering with people’s daily lives.
Following the incident, the US government stepped up its focus on cyber security, with President Biden introducing new laws around the security of critical national infrastructure and warning the Russian President that the sector should be off-limits when it comes to cyber attacks.
However, based on Obrela’s latest Digital Universe Study, Biden’s warnings are having little effect, with data from the last quarter showing that cyber attacks on oil and gas have significantly increased across the industry’s entire IT estate in the last three months.
Every quarter releases its Digital Universe Study, which is a roundup of the attacks targeting our customers from the last three months. The study runs a comparison from the same quarter in the previous year to understand how attacker techniques are changing, which industries and continents are facing the most attacks and what within the IT infrastructure is being attacked most frequently.
The data highlights that as the world watched Colonial Pipeline fall to its knees at the hands of ransomware, attacks on the whole oil and gas sector were heating up as cybercriminals across the globe tried to cash in on other pipelines.
The latest victim is Saudi Aramco, the world’s most valuable oil producer, which is currently being held to ransom by cybercriminals for $50 million following a leak of its data on the dark web. This reinforces the findings of Obrela’s data – attacks on oil and gas are rising and we should expect them to get worse as cybercriminals test the industry’s defences.
“Even despite President Biden’s warnings in June that critical national infrastructure should be off-limits, our data reveals that the oil and gas sector is a prime target for cybercriminals today, which has most likely been prompted by the attack on Colonial Pipeline. When Colonial Pipeline publicly admitted to paying the ransom, attackers gained intelligence around how a successful attack on the sector is almost guaranteed to amount in a pay-out. The sector is at a greater risk than ever before and addressing security risks and hardening systems must be the number one priority,” said George Papamargaritis, MSS Director at Obrela.
The study runs a comparison from the same quarter of the previous year to understand how attacker techniques are changing, which industries and continents are facing the most attacks and what within the IT infrastructure is being attacked most frequently.
Some of the key findings from the latest study highlight:
In the last year, the world has found itself in an unfamiliar situation, where almost every person on the planet has had to adapt their lifestyle because of the pandemic. The same goes for cybercriminals.
Our data shows that cybercriminals have adapted their attack techniques to suit the changing global environment. This can be seen in the increase in attacks targeting users and endpoints.
The healthcare industry has also come under significant pressure, particularly as vaccine programs get underway. The COVID vaccine is one of the hottest commodities on the planet, and the increase in attacks targeting the industry highlights that cybercriminals are doing all they can to get their hands on it.
One of the data points that stands out most is the increase in attacks on brands. Recent data has shown just how negatively brand damage can impact a company’s reputation, so it is not surprising cybercriminals are upping their efforts to hurt businesses at their very core. These attacks can take a variety of forms; many involve using social media as a platform to spread fake news or using c-level executive social platforms to send out phishing links.
Overall, our data shows that even despite the hardship of the last year, attackers are more determined than ever and show no signs of slowing down. Therefore, the best defence is a platform or service which can secure an organisation’s digital universe – regardless of where attacks are coming from or what area of a company’s online infrastructure they are targeting. This will alleviate pressure from internal IT teams and minimise organisations becoming overwhelmed from trying to manage too many products and pieces of technology, which could inadvertently put them at risk.