The DarkSide cyberattack on the US Colonial Pipeline last week provides further evidence that cyberspace will not be kind to the power grid in the coming months and years. As security professionals have predicted for some time, with the banking and healthcare sectors having hardened their cyber defences considerably, attackers are now turning their attention to the grid with targeted, personalised and persistent campaigns, seeking the return on investment they have become accustomed to from other sectors.
At this moment the power grid is hugely attractive to cyber attackers. Its cyber defences are relatively weak and are only gradually being raised. Its workforce is unaccustomed to repeated attacks and has yet to develop a security mindset. And, given the critical nature of grid service delivery, it carries cyber insurance that pays out large sums to limit extended disruption.
Despite DarkSide’s insistence that they are just a Ransomware-as-a-Service (RaaS) operator whose sole intention is to make money and not to disrupt society, there is still a whiff of nation state involvement about this attack! But let’s see how investigations unfold. We know that rogue nation state actors are increasingly partnering with RaaS providers for mutual benefit, and that in cyberwarfare not every attack needs to be a clear signal or out-and-out war; sometimes gentle disruption that diverts attention away from the rogue nation is a viable end goal in itself.
Why does this backdrop matter? Because when nation state actors and cybercriminals partner to target our critical infrastructure, we can expect more sophisticated, targeted, personalised and persistent social engineering campaigns against our key personnel, as a means of opening more significant doorways into more critical parts of our grid than previously possible.
So, what can you, as a key employee within the power grid or its supplier ecosystem, do to secure your own digital life and habits and ensure that you do not become a social engineer’s dream doorway into the grid? Here are the top 3 considerations for every power grid employee and supplier when strengthening your personal cyber defences:
To assist you on your security mindset development journey, we are delighted to present you with the opportunity to get further informed through our free-to-attend Combatting Social Engineering webinar, taking place 16:00 CET, Wednesday 26th May 2021, with leading edge contributions from CrowdStrike, E-REDES, and KnowBe4.
Please enjoy this week’s selection of news, views and resources below, and feel free to share this newsletter with colleagues in other departments, and peers in other organisations.
News, Views & Resources
REPORT: Trustwave. 2020 Global Security Report.
Today, cybercriminals are having more luck with phishing attempts, fake updates and other social engineering attacks that require user involvement. It may seem counterintuitive, but social engineering can be a lot cheaper for the attacker than compromising targets through exploits. If an attacker can induce a victim into voluntarily executing a program, the attacker can freely perform malicious actions on the compromised machine without being limited to whatever could be delivered through the selected exploit.
To read the report, click here!
REPORT: TechRepublic. Phishing and Spearphishing. An IT Pro’s Guide.
Spearphishing is a phishing attack targeted to a specific individual or company. These attacks usually rely on tailored methods and resources, such as attempting to clone the login interface for corporate intranets, as well as using personal information gathered in advance (perhaps from a prior breach) about targets to increase the likelihood of success.
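One practical check that follows from the guide's description of cloned intranet login pages is to test every link in an inbound message against the organisation's real domains and flag hosts that are one typo, one look-alike character or one TLD away from them. The script below is an added example for this newsletter, not code from the TechRepublic guide; the trusted domain list, the homoglyph table and the sample e-mail body are all constructed for illustration.

```python
"""Flag look-alike domains in message links (added example, not from the
TechRepublic guide). A spearphisher who clones an intranet login page needs a
host that looks like the real one; this check catches the usual tricks:
single-character typos, ASCII/Unicode confusables and a swapped TLD."""
import re
import unicodedata
from urllib.parse import urlparse

# Constructed allow-list of the organisation's real registrable domains
# (assumption: no multi-label public suffixes such as co.uk are involved).
TRUSTED_DOMAINS = {"example-grid.com"}

# ASCII look-alike sequences commonly substituted by attackers (constructed).
HOMOGLYPHS = {"0": "o", "1": "l", "5": "s", "rn": "m", "vv": "w", "cl": "d"}

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def normalise(host: str) -> str:
    """Lower-case, drop non-ASCII (Cyrillic/Greek confusables vanish, which
    then shows up as a small edit distance) and fold ASCII look-alikes."""
    host = unicodedata.normalize("NFKD", host.lower())
    host = host.encode("ascii", "ignore").decode()
    for fake, real in HOMOGLYPHS.items():
        host = host.replace(fake, real)
    return host


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance by the standard dynamic-programming recurrence."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host: str) -> str:
    """Crude registrable-domain extraction: the last two labels."""
    return ".".join(host.split(".")[-2:])


def classify_link(url: str) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for the URL's host."""
    host = (urlparse(url).hostname or "").rstrip(".")
    reg = registrable(host)
    if reg in TRUSTED_DOMAINS:
        return "trusted"          # real domain or a subdomain of it
    cand = normalise(reg)
    for trusted in TRUSTED_DOMAINS:
        t = normalise(trusted)
        same_sld = cand.split(".")[0] == t.split(".")[0]   # TLD swap
        if cand == t or edit_distance(cand, t) <= 2 or same_sld:
            return "lookalike"
    return "unknown"


def scan_message(text: str) -> list:
    """Extract every http(s) URL from a message body and classify its host."""
    return [(url, classify_link(url)) for url in URL_RE.findall(text)]


# Constructed sample e-mail body containing one genuine and two cloned links.
SAMPLE_MAIL = """Dear colleague,
Your intranet session has expired. Please re-authenticate at
https://sso.exarnple-grid.com/login (rn for m) or, if that fails, at
https://intranet.example-grid.net/login . The real portal remains
https://intranet.example-grid.com/ for reference."""

if __name__ == "__main__":
    for url, verdict in scan_message(SAMPLE_MAIL):
        print(f"{verdict:10} {url}")
```

The edit-distance threshold of 2 is deliberately loose for a short allow-list; on a large list of short domains it will produce false positives, so tune it per domain length or rely on the homoglyph and TLD checks alone. The registrable-domain split is also deliberately simple; a production version would consult the public suffix list.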
To read the report, click here!
ARTICLE: Security Intelligence. Social Engineering And Social Media. How to Stop Oversharing
Whether they’re at work or at home, your employees may be revealing private company data on social media and not even know they’re doing anything wrong. Every social media post and photo may contain important data threat actors could use for social engineering. Cybercriminals are efficient and thrive on gathering data on their targets. By combing through public employee social media profiles, they collect valuable data on a person’s interests, job, activities and other history.
To read the article, click here!
REPORT: Kaspersky. The State of Stalkerware in 2020.
Technology has enabled people to connect more than ever before. We can choose to digitally share our lives with our partner, family, and friends regardless of how far we are physically. Yet, we are also seeing a rise in software that enables users to remotely spy on another person’s life via their digital device, without the affected user giving their consent or being notified. The software, known as stalkerware, is commercially available to everyone with access to the internet. This report examines the issue of stalkerware and presents new statistics from 2020, in comparison to our previous data.
To review the report, click here!
VIDEO: 9 Signs Showing Someone is Tracking Your Phone. Learn How to Stop It.
There is always a risk that a hacker, a co-worker, even a jealous ex or significant other may be invading your privacy and spying on you through your phone. But worry not, there are actually 9 easily identifiable signs that will help you understand if there is someone tracking your phone.
To watch the video, click here!
CyberAware Webinar Series
Click here to watch the replay of the Navigating the Threat-Scape webinar
Click here to register for the Combatting Social Engineering webinar
Click here to register for the Combatting Ransomware Attacks webinar