News Insights: Cyber espionage campaign targets renewable energy companies

journalofcyberpolicy

Hugh Taylor | journalofcyberpolicy.com »

A story in Bleeping Computer reveals that a large-scale cyber-espionage campaign is targeting primarily renewable energy and industrial technology organizations. It has been discovered to be active since at least 2019, targeting over fifteen entities worldwide.

https://www.bleepingcomputer.com/news/security/cyber-espionage-campaign-targets-renewable-energy-companies/

Research Insights:
Saryu Nayyar
Saryu Nayyar, CEO, Gurucul

“While the attack itself is deemed “unsophisticated”, this is a perfect example of an elaborate industrial espionage campaign targeting multiple sectors to disrupt or steal data from a specific industry. While simple, this phishing attack is difficult to defend, however, with a next generation SIEM that supports behavioral analytics supported by adaptable machine learning models, the abnormal communications to suspicious domains can immediately be prioritized for security teams to investigate and determine if a real threat exists. If the campaign is indeed purported by proponents of the fossil-fuel industry, it is indeed unfortunate. Renewable energy companies need to invest more in cloud-native analytical security solutions to protect themselves against this type of threat, but also nation state threat actors looking to steal intellectual property for their own energy programs.”

 

Bryson Bort, CEO & Founder, SCYTHE:

“This is similar to the targeted credential theft attack as seen in the breach of the Florida water plant in 2020. The underlying goal depends on the nation-state actor involved. If it’s Russia, then it a further example of iterative intelligence against our critical infrastructure and possibly putting “levers” in place in anticipation of conflict (Ukraine weighs heavy on the mind). On the other hand, if it’s North Korea, then it could be the reconnaissance phase for future ransomware attacks. Renewables are the fastest growing energy segment which means they’re a target for financially motivated attacks.”

Cyber espionage campaign
External Link: News Insights: Cyber espionage campaign targets renewable energy companies

Share this page:

Related Posts