Top 10 Digital Risks for Energy Companies

How Energy Companies Are Mitigating Technology Threats

Energy companies are mitigating technology threats by increasing cyber resilience, being more vigilant, and strengthening security measures that protect against cyber attacks.

Increasing Resilience

  • According to the US Department of Energy, an award of up to $28 million will support the development of next-generation tools to improve the cybersecurity and resilience of different government infrastructures. The funding is expected to help developers build systems that prevent, detect and mitigate cyber-attacks.
  • Companies in the energy sector are increasing their resilience by offering forensic training to their IT personnel and working to improve their incident response as a way of mitigating attacks.
  • Energy companies carry out regular cybersecurity drills in conjunction with their key suppliers and partners to test their capability to respond to cyber-attacks.
  • These companies ensure that their IT protocols are up to date so that they can protect the daily operation of their businesses.
  • Companies in the energy sector are also enhancing their resilience by developing backups, so that they are prepared for an attack on them or their partners.
  • The energy companies have also identified alternative suppliers with compatible technology, to ensure continuity of their business operations if their primary suppliers are attacked.

Increasing Vigilance

  • Companies in the energy sector have held a variety of conversations aimed at ensuring cyber attacks are mitigated swiftly.
  • Energy companies have been able to be vigilant by training not only IT personnel but also other employees on security matters.
  • Another key way that energy corporations are increasing their vigilance is by investing in insurance policies that would protect them in case of a cyber-attack.
  • Energy companies have also increased their vigilance by ensuring they have reliable supplier risk intelligence, which helps them develop their security measures.
  • Vigilance has been enhanced by constantly looking for potential cyber-attack incidents and finding ways to address the issues.
  • The energy companies have ensured that they stay updated on current cybersecurity operations as a way of increasing their vigilance.
  • Vigilance has also increased through the use of automated software that can detect an attempted attack on the energy companies’ IT infrastructure.
  • Most energy companies have followed the US Department of Energy’s advice of combating cyber-attacks as one party to increase their success, a method referred to as “One Team, One Fight.”

Increasing Security

  • Energy companies have been able to increase their cybersecurity by ensuring the employees that work in their infrastructure are screened to avoid having malicious actors working in their companies.
  • The energy companies have been able to secure their infrastructure and reduce cyber attacks by minimizing the number of suppliers that work within their daily operations.
  • Additionally, the security of energy companies against cyber attacks has been enhanced by using unique rather than default passwords to access different infrastructure facilities.
  • Internet of Things (IoT) devices can be compromised by hackers. As a result, energy companies separate their high-risk processes from their low-risk plant-level internet operations to mitigate this threat.

The Top Technology Threats in Finance, E-commerce and Retail

The top technology threats in industries like finance, e-commerce and retail include the use of cloud-based systems, ransomware attacks, SQL injection, phishing emails, and bad bots. Nearly all of these threats can cause significant damage to a company, mainly through data theft, while bad bots cause direct damage through content scraping.

Cloud-Based Systems

  • Description: The use of cloud services in financial institutions helps to reduce expenses and boost system uptime; however, the company’s data faces a constant risk of being exposed by human errors such as misconfigured settings on the cloud server. An example is the human error at Verizon that allowed access to the data of more than 60 million people in 2017.
  • Potential impact if the threat took place: Being unprepared for a cloud system’s data leak carries the risk of exposing the data of millions of company customers to undesirable people. In the case of financial companies, the exposed data can translate into money laundering or fraudulent transactions.
  • Probability-to-occur: High, the rising popularity of cloud usage creates a huge responsibility for company employees to safeguard their systems.
  • Potential countermeasures: Human error continues to be one of the leading weaknesses that give undesirable people easy access to financial data. The primary countermeasure can be an employee cybersecurity education session.

Ransomware Attacks

  • Description: Ransomware is malicious software, or malware, that a cyber-criminal can use to create a data breach. It is estimated that ransomware attacks nearly doubled in 2017. It is estimated that ransomware can attack critical systems, encrypting file servers or databases in a retail system.
  • Potential impact if the threat took place: For a retail company, the impact is catastrophic and can even trigger the failure of the company.
  • Probability-to-occur: High, one of the most prevalent varieties of malicious software is ransomware; it was found in 39% of malware-related cases assessed in 2017.
  • Potential countermeasures: Some recommendations to prevent ransomware attacks include the change of log files to get an early warning of a security breach; training staff to spot the early warning signs; restricting access to selected employees; patching promptly to guard against attacks; encrypting sensitive data; and using two-factor authentication.

SQL Injection

  • Description: Different e-commerce platforms like Prestashop, OpenCart, and Magento have been vulnerable to SQL injection at some point in time. Many plugins and extensions are vulnerable to it and can compromise the e-commerce database.
  • Potential impact if the threat took place: An SQLi attack can steal the complete database with sensitive information like the clients’ transaction history or credit card information. The great majority of information stolen from e-commerce is currently linked to being sold on the black market.
  • Probability-to-occur: High, the vulnerability is widespread as many of the plugins are still vulnerable to it.
  • Potential countermeasures: Input validation should be used on the assumption that all user-submitted data is evil. Functions like MySQL’s mysql_real_escape_string() can be used to ensure that no dangerous characters in the data are passed to a SQL query. Additionally, measures should be implemented to avoid dynamic SQL and to avoid constructing queries from user input. It is also advisable to regularly update the system and use a firewall, as it can catch most SQL intrusions through web channels.
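
The difference between dynamic SQL and a bound parameter, shown as an added example that is not from the original page: it uses Python's sqlite3 with an in-memory database rather than MySQL, and the table, column names, sample rows and email pattern are assumptions made for illustration.

```python
import re
import sqlite3

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def make_shop_db():
    """Build an in-memory store database with constructed sample orders."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (id INTEGER, email TEXT, card_last4 TEXT)")
    conn.executemany(
        "INSERT INTO orders VALUES (?, ?, ?)",
        [(1, "ana@example.com", "4242"),
         (2, "ben@example.com", "1881"),
         (3, "ana@example.com", "0005")],
    )
    return conn


def orders_dynamic(conn, email):
    """Vulnerable 'before': user input is concatenated into the SQL text."""
    sql = "SELECT id, card_last4 FROM orders WHERE email = '" + email + "'"
    return conn.execute(sql).fetchall()


def orders_parameterized(conn, email):
    """Hardened 'after': the driver binds the value, so it stays data."""
    sql = "SELECT id, card_last4 FROM orders WHERE email = ?"
    return conn.execute(sql, (email,)).fetchall()


def lookup_orders(conn, email):
    """Input validation as a first layer, bound parameters as the second."""
    if not EMAIL_RE.fullmatch(email):
        raise ValueError("rejected: not a well-formed email address")
    return orders_parameterized(conn, email)


if __name__ == "__main__":
    db = make_shop_db()
    hostile = "x' OR '1'='1"  # constructed input containing a quote
    print("dynamic:      ", orders_dynamic(db, hostile))
    print("parameterized:", orders_parameterized(db, hostile))
```

With the constructed input, the concatenated query returns every customer's rows, while the parameterized query returns none because the whole string is compared as a literal email value.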

Phishing

  • Description: Phishing involves embedding a link in an e-mail that redirects the employee to an untrusted site where sensitive information can be requested. The invader may exploit vulnerabilities and acquire sensitive information by installing a Trojan through a malicious email attachment. The main objective of the phishing email is to gain access to otherwise protected data or networks of the company.
  • Potential impact if the threat took place: In 2018, the Radisson Hotel Group suffered a cyber-attack. In the data breach, the personal information of about 10% of their loyalty group members was exposed. The company recommends that its members be aware of phishing e-mails; this further damaged the trust between the clients and the company.
  • Probability-to-occur: High, phishing attacks are one of the most commonly reported security breaches in the world.
  • Potential countermeasures: Employee education is the main way to avoid phishing; a SPAM filter can detect phishing emails and block malicious websites. Additionally, converting HTML emails into text-only messages or disabling HTML email messages are effective ways of protecting against phishing.

Bad Bot

  • Description: Bad bots are created by cybercriminals to mimic human behavior, make online transactions, and obtain company employee data. According to a report by Distil Networks, bad bot activity accounted for nearly 21% of all internet activity in 2018.
  • Potential impact if the threat took place: They can steal important data like financial data or other sensitive information. Account takeover, account creation, credit card fraud, denial of service, denial of inventory, pricing scraping, and content scraping are all ways in which bots may be used to directly harm a business.
  • Probability-to-occur: High, the damage by bad bots in the e-commerce and financial sectors in 2018 was 22.9% and 24.7%, respectively.
  • Potential countermeasures: Some recommendations to avoid an attack include blocking outdated browsers, blocking proxy and hosting services, evaluating traffic sources, investigating traffic spikes, monitoring login attempts, and evaluating a bot mitigation system.

XSS Attacks

  • XSS attacks in the e-commerce sector are so frequent and crucial that internet giants like Google have been victims of this type of threat.
  • It entails running malicious scripts in the victim’s web browser through malicious code embedded in a legitimate web page or online application (like OpenCart, Prestashop).
  • Forums, online apps, message boards, and web sites that enable comments are the most often used vehicles for XSS attacks.

Potential Impact

  • This attack could happen when there exists a lack of user input sanitization and filtering.
  • A successful XSS attack can compromise the admin account of an e-commerce store and create havoc, which translates to economic losses to the store owner.

Probability of Occurrence

  • Its likelihood of occurring is medium.
  • The attack will depend on whether the e-commerce web application uses forms, a search bar, or allows comments, for example.
  • Also, if the correct “sanitization tools” are in place to avoid this kind of attack, it’d be somewhat easy to defend an e-commerce store from XSS attacks.

Potential Countermeasures

  • In order to ensure safety from XSS, input in web applications must be sanitized.
  • Never send data obtained as input straight to the browser without first inspecting it for dangerous code.
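
One way to apply these two points when rendering a customer review, as an added example that is not from the original page: text is encoded for the HTML context it lands in, and a user-supplied link is accepted only with an http or https scheme. The function names and the review markup are assumptions made for illustration.

```python
import html
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def safe_href(url: str) -> str:
    """Return an attribute-escaped absolute URL, or '#' if the scheme is not allowed.

    Escaping alone is not enough for href values: a script-scheme URL
    contains no characters that html.escape would change.
    """
    url = url.strip()
    if urlsplit(url).scheme.lower() not in ALLOWED_SCHEMES:
        return "#"
    return html.escape(url, quote=True)


def render_review(author: str, website: str, comment: str) -> str:
    """Build the review fragment; every user-supplied value is encoded on output."""
    return (
        '<div class="review">'
        f'<a href="{safe_href(website)}">{html.escape(author)}</a>'
        f"<p>{html.escape(comment)}</p>"
        "</div>"
    )


if __name__ == "__main__":
    # Constructed sample submission from a comment form.
    print(render_review(
        "Ana",
        "javascript:alert(1)",
        "Great shop <script>alert(1)</script>",
    ))
```

The markup in the comment reaches the browser as inert text, and the link falls back to `#` because its scheme is not on the allow-list.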

IoT Botnets

  • An IoT botnet is a network of devices (not only computers) that can include cellphones, security cameras, or a device to monitor a patient’s heart attack.
  • A central server could command any device connected to an IoT technology in a network.
  • The ultimate objective of this tech threat is to convert the device to a “zombie” that does the hacker’s bidding.

Potential Impact

  • According to forecasts, IoT assaults will account for 30% of cybersecurity events in 2019, including those affecting the healthcare industry.
  • It presents a high potential for damage since the hackers can take control of devices like healthcare monitors, compromising the health of a patient, or control a company’s cameras with the aim of extortion.

Probability of Occurrence

  • It is very likely to occur.
  • In the last two years, IoT botnet attacks have risen from 50,000 in 2017 to an estimated 300,000 in 2019.

Potential Countermeasures

  • Conducting a risk evaluation of the company’s IoT system.
  • Ascertaining that IoT devices are running the most recent firmware version.
  • Employee education on all security rules and procedures, including appropriate password etiquette and data backup.

Vulnerable E-Commerce Payment Applications

Description

  • The attack targets payment applications where debit or credit card data is entered.
  • The cybercriminal takes advantage of the cross-site request forgery (CSRF) vulnerability, which may result in the payment application or the underlying web server being compromised.
  • After installing a malicious web shell, they inject a handful of malicious changes that automatically collect and write card data to files on online servers, which they then retrieve.

Potential Impact

  • The typical consequence of the use of the card data stolen by cybercriminals is fraud; the info can be sold in the black market or used by the cybercriminal — the result is fraudulent payment card activity.
  • The consequences directly related to the company are losing reliability, then losing the customer, and consequently, their turnover.

Probability of Occurrence

  • The probability of occurrence is very high.
  • With the greatly expanded use of credit or debit cards for payment, cybercriminals are focused on finding new vulnerabilities in payment applications.

Potential Countermeasures

  • The first countermeasure is to adhere to the Payment Card Industry Data Security Standard (PCI DSS). Implementing these points could protect a company from a payment application attack.
  • Additional remedies include establishing and operating a threat intelligence team, whitelisting applications on point-of-sale systems, and adopting secure payment technologies such as EMV, tokenization, and encryption.

Credential Stuffing (Financial Industry)

Description

  • This tech threat involves taking advantage of giant data breaches, with hackers making billions of unique username and password combinations freely available to the public.
  • These combinations are tested against numerous different websites to gain access to their systems.
  • They use credential stuffing tools, such as proxy lists and captcha bypass tools, that are accessible on malicious sites.

Potential Impact

  • Once cybercriminals are inside a company’s system, they can access different data like personal data, money, gift card balances, credit card numbers, and loyalty members’ sensitive data, which they then monetize in different ways, such as extortion or selling on the black market.
  • The company’s reputation and dependability are eroded.

Probability of Occurrence

  • The likelihood of occurrence is high.
  • The vast amount of breached data available to cybercriminals and the reuse of usernames and passwords give a high probability that a company could be a credential stuffing target.

Potential Countermeasures

  • One important recommendation is not to reuse passwords, ever.
  • Additionally, wherever feasible, two-factor authentication should be used to help prevent credential stuffing.
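
Detection logic for the pattern described in this section, which also covers the "monitoring login attempts" recommendation under Bad Bot, as an added example that is not from the original page: it flags a source that fails logins for many distinct accounts in a short window. The log format, the sample lines and the thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log: ISO timestamp, source IP, username, outcome.
SAMPLE_LOG = """\
2019-03-01T10:00:01 203.0.113.7 alice FAIL
2019-03-01T10:00:03 203.0.113.7 bob FAIL
2019-03-01T10:00:05 203.0.113.7 carol FAIL
2019-03-01T10:00:08 203.0.113.7 dan OK
2019-03-01T10:00:10 203.0.113.7 erin FAIL
2019-03-01T10:00:12 203.0.113.7 frank FAIL
2019-03-01T10:01:00 198.51.100.20 grace FAIL
2019-03-01T10:01:20 198.51.100.20 grace FAIL
2019-03-01T10:01:45 198.51.100.20 grace OK
2019-03-01T10:02:00 192.0.2.5 heidi OK
"""


def parse(log_text):
    """Group (time, user, success) tuples by source IP; skip lines without four fields."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, ip, user, outcome = parts
        by_ip[ip].append((datetime.fromisoformat(ts), user, outcome == "OK"))
    return by_ip


def flag_stuffing(log_text, window=timedelta(minutes=5), min_failed_users=5):
    """Flag sources that fail logins for many distinct accounts within one window.

    Returns {ip: {"failed_users": n, "logged_in": [...]}}; accounts listed in
    "logged_in" succeeded from a flagged source and are candidates for a reset.
    """
    flagged = {}
    for ip, rows in parse(log_text).items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1  # slide the window forward
            span = rows[start:end + 1]
            failed = {user for _, user, ok in span if not ok}
            if len(failed) > flagged.get(ip, {}).get("failed_users", min_failed_users - 1):
                logged_in = sorted({u for _, u, ok in span if ok})
                flagged[ip] = {"failed_users": len(failed), "logged_in": logged_in}
    return flagged
```

A single user who mistypes a password several times, like the second source in the sample, is not flagged, because the count is of distinct accounts rather than of failures.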

Zero-Day Flaws (E-commerce Industry)

Description

  • When a software user detects that a software program contains a potential security vulnerability, the person notifies the software company, and a patch will be released; meanwhile, other users are exposed to potentially severe damage.
  • If a cybercriminal discovers the vulnerability before the software company releases the patch, he/she can take advantage of this issue to evade the security system of the company and enter the system.

Potential Impact

  • A zero-day flaw can cause considerable damage for a company that couldn’t patch a vulnerability before the official patch release. The ultimate consequence could be a significant breach of a company’s data.

Probability of Occurrence

  • The likelihood of occurrence is relatively low.
  • Zero-day vulnerabilities in open-source e-commerce solutions are patched fast because anybody can audit them.

Potential Countermeasures

  • The primary countermeasure is to acquire security software from a reliable and reputable company.
  • Implement IPsec, the Internet Protocol security protocol used to encrypt and authenticate network communication.
  • Conduct frequent vulnerability scans of corporate networks and patch any identified vulnerabilities.