Why and How do Phishers Target Oil, Gas, and Utility Companies?
If there is one incident that should focus the industry on how dangerous phishing is, it’s the 2021 ransomware shutdown of the Colonial Pipeline. The whole world took notice when a major piece of critical infrastructure had to be taken offline for a week and counting because an attack led by phishing opened Colonial’s entire network to costly infiltration.
The energy sector is attractive to phishers because of its large cash flow; aging, vulnerable operations infrastructure; heterogeneous technology; and a great number of interconnected but separate entities. This business environment — made up of majors, refiners, drillers, exploration firms, service companies, utilities, equipment manufacturers, transport specialists, pipeline operators, terminal operators, marketing companies, traders, brokers, financial institutions, and investors — is woven together by email. Tools and platforms used by enterprises large and small do not extend to the entire ecosystem; for communications, the industry is dependent on a vast flow of email among disparate organizations. A combination of high-value and heterogeneous environments make energy and utilities a rich target.
Request a demo.