We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Oil & Gas, Crude Oil, Gas, Petrol, Exploration, Refinery, Upstream, Oil Price, LPG & Solar

Follow us
Press Releases

Searchlight Cyber Alerts Energy Sector to Dark Web Threats

by

New threat intelligence report shows how cybercriminals routinely target energy companies on dark web forums

WASHINGTON & PORTSMOUTH, England–(BUSINESS WIRE)–#cybersecuritySearchlight Cyber, the dark web intelligence company, today released its new report, Dark Web Threats Against the Energy Industry, which examines cybercriminals’ reconnaissance against energy companies on the dark web. The report analyzes threat actor activity against the energy sector over a 12 month period and provides guidance on how this dark web intelligence can be factored into threat models to help organizations improve their security posture.

Searchlight Cyber analysts detail numerous instances of threat actors selling initial access to energy organizations around the world including targets in the USA, Canada, UK, France, Italy, and Indonesia on popular dark web forums like Exploit, RaidForums, and BreachForums. The research also highlights threat actors discussing ICS systems and sharing tutorials, papers, and documents, on ICS/SCADA, PLC, RTU, HMI and other components of industrial systems.

The research also found:

  • The predominant activity observed are auctions for initial access to energy companies that routinely take place on dark web forums.
  • Threat actors often use the terms “Start”, “Step” and “Blitz”, which indicate the start price, the increments of the bids, and a “buy-it-now” price (blitz) for initial access.
  • Most of these auction posts list the access type along with the country of the organization, its industry, and its revenue.
  • Several threat actors post multiple “auctions” impacting different organizations, suggesting that they are specialists in the initial access market.

Critically, the report explains how energy organizations monitoring the dark web can use this intelligence to spot when they are being targeted, and to prepare their defenses for the most likely types of attack based on the threats they observe against their peers. This “threat modeling” process involves identifying, categorizing, and prioritizing threats based on a hypothetical attacker’s point of view.

Commenting on the findings, Jim Simpson, Director of Threat Intelligence at Searchlight Cyber said: “Energy companies are routinely discussed on dark web forums, with threat actors frequently auctioning initial access via remote software, VPNs, and stolen credentials for exploiting corporate infrastructure, Industrial Control Systems, and Operational Technology. The examples we highlight in this report are alarming but the intention of this research is to demonstrate to security professionals operating in this sector that they can use this intelligence to protect themselves, if they have access to it.

“With visibility into cybercriminal reconnaissance, energy companies can identify likely paths of attack, inform their defenses, and prioritize security measures that will help them cope with the most imminent threats. Dark web data gives companies an insight into the mindset and operations of cybercriminals, which is invaluable to any intelligence team.”

Click here to read the full report.

ENDS

About Searchlight Cyber

Searchlight Cyber provides organizations with relevant and actionable dark web intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks. To find out more visit slcyber.io or follow Searchlight Cyber on LinkedIn and Twitter.

Contacts

Media Contact
daria.zhukova@axicom.com

Share:
0
Tags:
a
Cool
0
a
Cool
0
a
Dislike
0
Geeky
0
a
Like
0
a
Like
0
a
LOL
0
a
Love
0
a
Love
0
a
NSFW
0
oilandgaspress
0
OMG
0
a
WTF
0
#FOLLOW US ON INSTAGRAM