We would like to keep you up to date with the latest news from Digitalisation World by sending you push notifications.
Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
Published in the Vectra 2018 Spotlight Report on Energy and Utilities, these and other key findings underscore the importance of detecting hidden threat behaviors inside enterprise IT networks before cyberattackers have a chance to spy, spread and steal. These threat behaviors reveal that carefully orchestrated attack campaigns occur over many months.
Cybercriminals have been launching carefully orchestrated attack campaigns against energy and utilities networks for years. Often lasting several months, these slow, quiet reconnaissance missions involve observing operator behaviors and building a unique plan of attack.
“When attackers move laterally inside a network, it exposes a larger attack surface that increases the risk of data acquisition and exfiltration,” said Branndon Kelley, CIO of American Municipal Power, a nonprofit electric-power generator utility that serves municipalities in nine states that own their own electric system. “It’s imperative to monitor all network traffic to detect these and other attacker behaviors early and consistently.”
Remote attackers typically gain a foothold in energy and utilities networks by staging malware and spear-phishing to steal administrative credentials. Once inside, they use administrative connections and protocols to perform reconnaissance and spread laterally in search of confidential data about industrial control systems.
“The covert abuse of administrative credentials provides attackers with unconstrained access to critical infrastructure systems and data,” said David Monahan, managing research director of security and risk management at Enterprise Management Associates. “This is one of the most crucial risk areas in the cyberattack lifecycle.”
Other key findings in the 2018 Spotlight Report on Energy and Utilities include:
§ During the command-and-control phase of attack, 194 malicious external remote access behaviors were detected per 10,000 host devices and workloads.
§ 314 lateral movement attack behaviors were detected per 10,000 host devices and workloads.
§ In the exfiltration phase of the cyberattack lifecycle, 293 data smuggler behaviors were detected per 10,000 host devices and workloads.
