There’s been a surge in mobile phishing attacks targeting the energy sector as cyber attackers attempt to break into networks used to provide services including electricity and gas.
The energy industry is highly critical, providing people with vital services required for everyday use. That role makes it a prime target for cyber criminals.
That risk was demonstrated earlier this year when the Colonial Pipeline was hit with a ransomware attack, leading to the gasoline shortages across the Eastern United States. Colonial ended up paying cyber criminals almost $5m dollars for a decryption key to restore the network.
SEE: A winning strategy for cybersecurity (ZDNet special report)
And it’s not just cyber criminals who have an interest in hacking into the networks of energy providers; they’re also a top target for nation state-backed hacking groups for whom breaching a network could be a path towards causing significant disruption.
The desire to break into these networks has resulted in a sharp rise in phishing attacks against the energy sector, specifically cyberattacks targeting mobile devices, warns a report by cybersecurity researchers at Lookout.
According to the paper, there’s been a 161% increase in mobile phishing attacks targeting the energy sector since the second half of last year. Attacks targeting energy organisations account for 17% of all mobile attacks globally – making it the most targeted sector, ahead of finance, government, pharmaceuticals, and manufacturing.
“The energy industry is directly related to the wellbeing and safety of citizens, globally,” Stephen Banda, senior manager of security solutions at Lookout, told ZDNet.
Remote working has increased considerably during the past 18 months. And while the rise in mobile working has allowed businesses to continue operating, the increase in the use of personal devices and remote working has also boosted security risks – according to Lookout, 41% of mobile devices in the energy industry aren’t managed by employers.
That situation could put users at risk from cyberattacks including phishing and malware that could be used to help gain access to wider networks. The aim of the attackers is to steal usernames and passwords that could be used to gain access to cloud services and other parts of the network.
Tailoring phishing emails towards mobile devices can make them more difficult to spot because the smaller screen provides fewer opportunities to double check that links in messages are legitimate, while smartphones and tablets might not be secured as comprehensively as laptops and desktop PCs, providing attackers with a useful means of attempting to compromise networks.
“Threat actors know that mobile devices aren’t usually secured in the same way as computers. For this reason, mobile phishing has become one of the primary ways threat actors get into corporate infrastructure,” said Banda.
“By launching phishing attacks that mimic the context that the recipient expects, attackers are able to direct a user to a fake webpage that mimics a familiar application login page. Without thinking, the user provides credentials and data has been stolen,” he added.
It’s likely that cyber criminals will continue to target mobile devices as organisations adopt hybrid-working practices – so researchers emphasise the importance of smartphones and tablets being part of the overall cybersecurity strategy, by ensuring that the operating systems they run on are up to date and that they’re using software to help protect against phishing, malware and other cyberattacks.
“The majority of attacks start with phishing, and mobile presents a multitude of attack pathways. An anti-phishing solution must block any communication from known phishing sites on mobile devices — including SMS, apps, social platforms and email,” said Banda.