While the energy industry may fear the appearance of another Stuxnet on the systems they use to keep oil and gas flowing and the electric grid powered, an equally devastating attack could come from a much more mundane source: phishing.
Rather than worry about exotic cyber weapons like Stuxnet and its big brother, Flame, companies that have Supervisory Control and Data Acquisition (SCADA) systems — computer systems that monitor and control industrial processes — should make sure that their anti-phishing programs are in order, say security experts.
“The way malware is getting into these internal networks is by social engineering people via email,” Rohyt Belani, CEO and co-founder of the anti-phishing training firm PhishMe, said in an interview.
“You send them something that’s targeted, that contains a believable story, not high-volume spam, and people will act on it by clicking a link or opening a file attached to it,” he said. “Then, boom, the attackers get that initial foothold they’re looking for.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
A worrying trend for Australians The Latitude Financial attack clearly…
It is not unusual for companies to keep hold of…
“First of all, it should be praised that Ferrari have…
These findings aren’t very surprising given that unpatched zero-days provide…
These figures from Mandiant highlight how attackers are continuing to…