Earlier this year, Tripwire asked 200 security professionals at RSA about their organizations’ ability to protect against ransomware infections. The results were less than promising. A majority (58 percent) of respondents reported to have observed a spike in spear phishing emails–a common attack vector for ransomware–over the past year. Even so, that same percentage expressed doubt with regards to their executives’ ability to spot a spear phishing email.
The respondents were even less confident when it came to recovering from an infection. Only 38 percent said they were “very confident” their organizations could recover from a ransomware attack without losing critical data.
Ransomware threatens all organizations, but it does not do so equally. This is because bad actors tend to launch ransomware campaigns and targeted attacks against certain sectors over others.
In particular, attackers have a penchant for harassing the energy sector. According to the Department of Homeland Security, the energy sector faces more cyber attacks than any other industry. Despite these escalating risks, the energy sector faces serious challenges responding to security threats effectively. For example, the results of the North American Electric Reliability Corporation’s (NERC) GridEx III “cyberwar games” revealed significant challenges with the cyber threat intelligence practices of grid operators.
“It’s tempting to believe that this increase in attacks is horizontal across industries, but the data shows that energy organizations are experiencing a disproportionately large increase when compared to other industries,” said Tim Erlin, director of IT security and risk strategy for Tripwire. “At the same time, energy organizations face unique challenges in protecting industrial control systems and SCADA assets.”
In an effort to gain a better understanding of those challenges, Tripwire commissioned Dimension Research to survey 150 IT professionals in the energy, utilities, and oil and gas industries about the digital threats confronting their organizations.
One of the main findings of the study, which was completed back in November of 2015, is that the number of attacks directed against the energy sector is on the rise.
Indeed, when asked if their organization had experienced a rise in successful attacks in the last 12 months, seventy-seven percent of respondents replied, “yes.” In addition, more than two-thirds of the respondents (68 percent) said the rate of successful attacks had increased by over 25 percent in the last month.
The attacks originated from a variety of sources. Approximately 78 percent reported an attack from external actors, whereas nearly a third (30 percent) said they had suffered an incident at the hands of a current or former employee.
But understanding the source of one attack does not improve one’s chances of mitigating each and every threat. Indeed, 83 percent of energy security professionals and more than half (59 percent) of energy executives said they are not confident their organizations have the ability to detect all attacks. This is in spite of the fact that more than three quarters of respondents (78 percent) said their organizations do have a business process that can help them identify sensitive and confidential information.
To protect against the rising number of attacks, energy organizations must do more than just invest in detection technology. They must focus on proactive defense.
“Detecting attacks successfully is the midpoint of the overall process,” Erlin continued. “Energy organizations need to invest in greater prevention and forensic tools to decrease the rate of successful attacks and fully investigate those they can’t prevent.”
For more information about the survey, please click here.
Title image courtesy of ShutterStock