If a credential phish or ransomware attack helped to shut down the grid—power plants, hydroelectric dams, and nuclear power facilities—the impact could be catastrophic. Attacks on utilities are usually launched for political or social motives, not money. Unfriendly governments could shut down the grid as part of a broader strike or terrorists could disrupt it to make political demands.
Attackers have been probing industry systems for years. Foreign governments have already targeted US energy and utilities companies1. The Dragonfly 2.0 Attack of 2017 began in 2015, likely launched by a foreign government. The hackers penetrated the industry in the US and Europe, using compromised data gained by phishing the likes of Facebook and Google.2 Also in 2017, attackers phished the energy sector with emails disguised as resume submissions and job applications. The files were so genuine-looking, containing no macros or other exploits, that they initially fooled researchers.3
Cofense delivers solutions that train employees at all levels to spot and report phishing so security teams can stop it. Our energy and utilities customers, including those featured in case studies below, rank among the largest organizations in the industry.