In our latest webinar we looked at threats facing the energy industry and how dark web intelligence can be mapped to the pre-attack tactics of the MITRE ATT&CK framework.
FIVE key cybersecurity lessons on dark web threats to the energy industry
In one of our most information-packed webinars to date, we delved into the challenges faced by one of the most critical and targeted industries in the world: the energy industry. With upstream, midstream, and downstream supply chain elements, as well as interface partners for Industrial Control Systems, it’s clear to see why the energy industry has to stay one step ahead of cybercriminals to safeguard itself and critical national infrastructure. In this recap, we’ll share the five key takeaways on how dark web intelligence can help the oil and gas and wider energy industry identify threats and protect itself from attack.
#1 Are CISOs in the energy sector ignoring dark web threats?
Evan Blair, General Manager, US, at Searchlight Cyber got things off to a data-driven start with stats from our CISO survey. Unsurprisingly, 89 percent of CISOs in oil, gas, and energy companies are concerned about dark web threats. What was shocking though was that when it comes to gathering dark web intelligence, specifically about their supply chain, only 32 percent are taking action. This dark web delta means the majority of oil and gas companies are leaving themselves open to supply chain attacks on the dark web.
#2 Cybersecurity risks in Upstream, Midstream, and Downstream operations
Next up, Robert Fitzsimons brought his Ministry of Defense experience to the table to examine how the complexity of the energy supply chain leaves companies vulnerable to attacks at every interface across upstream, midstream, and downstream operations. In short, the more connections between IT and Operational Technology (OT) systems, the greater the number of potential attack routes or threat vectors.
#3 For sale to the highest bidder – Initial Access Brokers on the dark web
In this eye-opening segment, Rob walked through a real-life example of an energy company’s confidential information being sold on the dark web to the highest bidder. Using our dark web investigation platform, Cerberus, we showed how easy it can be for attackers to purchase access within hours of it being posted on a dark web marketplace, potentially enabling them to wreak havoc and launch a ransomware or nation-state attack.
#4 How Colonial Pipeline could have prevented the ransomware attack with dark web intelligence
On May 7, 2021, Colonial Pipeline, an American pipeline system originating in Texas, suffered a ransomware attack. In this highlight, senior threat analyst Luke Walker reveals how Colonial Pipeline could have potentially prevented this attack by monitoring dark web traffic going to and from their network.
#5 Threat modeling with MITRE ATT&CK for oil, gas, and energy companies
There are typically five steps to creating MITRE ATT&CK threat models, but a bit like how Spinal Tap’s famous amplifier goes up to 11, Luke Walker’s threat model goes to six. Watch our in-house energy expert explain how oil, gas, and energy companies can use these models to understand their security posture and identify potential gaps or weaknesses that adversaries are likely to target.