Recently there have been numerous articles and growing evidence of large corporations experiencing security breaches (Equifax probably being the best known). To make matters worse, recent reports from Symantec suggest that the next big cybersecurity threat could be right around the corner.
According to a report by Symantec, the Western energy sector is being targeted with the aim of severely affecting its operations. Reports state that Dragonfly (the hacking group that launched a similar campaign from 2011 to 2014) is back with a vengeance, learning how the energy facilities operate in order to gain access to operational systems with a view to sabotaging or controlling them.
Back in 2015, Symantec stated that Dragonfly started launching phishing campaigns that were specifically targeted towards the energy sector, in an attempt to leak victims’ network credentials to external servers. This happened again on multiple occasions during 2016 and 2017. As well as malicious email campaigns, the attackers were said to be using watering hole attacks to compromise websites likely to be visited by employees within the energy sector.
Once the employee credentials had been stolen, the hacking group would remotely access the victim’s machine. More details of the sophisticated techniques can be found within the Symantec blog about the Dragonfly attacks on the energy sector.
All this got me thinking about the possibility of an attack occurring over here. If there was an attack, breach, or compromise (however you want to put it) within the Western energy sector, what would provide the most sustained damage on the countries involved? We’ve seen previously with Estonia how a country can be brought to a halt quicker than Butch Cassidy pulling on his horse’s reins, as hackers turned off power to tens of thousands of people, while engineers were powerless to stop them. I can only imagine the scale of disruption if a company in the Western energy sector was brought to a halt, or controlled by external hacking groups.
Yet with this growing threat on the horizon, it is interesting to note the majority of news articles on cybersecurity focus on malware found in apps, how your data was breached years ago by a large organisation, or on how to protect the individual consumer within the world of cybersecurity.
Don’t get me wrong, all of this is important; we need to keep ourselves safe and well informed on all cybersecurity matters in general. However, I feel that large-scale hacks on key infrastructure are unfortunately where the world is heading over the next couple of years, and this is where our focus should be. Obviously, if the Kim Jong-Un situation starts to escalate then this might be redundant; but if World War III does not descend upon us, we need to make sure our critical infrastructure is as secure as possible so that we are one step ahead of hackers, not the other way around.