Oil and water may not mix, but according to Cisco, the “watering hole” technique is emerging as the perfect way to exploit firms in the energy sector.
Last week Cisco released its 2014 Annual Security Report, which suggests an overall increase in the sophistication and proliferation of various forms of cyber-attack. Deep within the research, however, Cisco talks specifically about industry verticals that are being targeted by hackers and malware authors more than others. Besides agriculture and electronics companies, Cisco said oil and gas firms have become victims of watering hole attacks.
Rather than going after a specific user, watering hole attacks involve monitoring what Web sites a group within an organization frequents, then injecting them with malware and hoping someone takes the bait.
“Beginning in early May 2013, Cisco TRAC/SIO researchers observed another watering hole attack emanating from several other sites centered on the energy and oil sector,” the report says. “Similarities, including the specific crafting of an exploit used in both attacks, lend credence to the possibility that the two attacks were related. Cisco TRAC/SIO’s research also indicated that many of the sites used the same web designer and hosting provider. This could imply that the initial compromise was due to phished or stolen credentials from that provider.”
In a video launched to coincide with the report, Cisco chief security officer John N. Stewart talks about the relationship between cyber-attacks and trust.
Besides damaging the trust that exists between companies and their customers, the Cisco report shows that employees may also lose trust in their ability to browse the Web safely. Without some protective measures in place, visiting your favourite online watering hole might give soon oil and gas firms that sinking feeling.
Prepare your defence strategy by downloading The Internet Security eBook, from Allstream.