A dark web actor is reportedly selling access to an Indonesian energy company, believed to be the same threat actor who targeted an American manufacturer.
The Indonesian company in question, with revenues exceeding millions, found itself at the center of the energy sector threat, according to posts circulating on dark web forums.
The initial post, which lacked specific details about the targeted organization, highlighted the substantial revenue of the company, equating to over 65 trillion Indonesian Rupiah or over $417 million.
Energy Sector Threat: Access to Unnamed Indonesian Energy Giant
The threat actor offered access to the company’s systems, purportedly through a popular cybersecurity solution used by organizations for network protection. The asking price for this illicit access was set at $800.
This energy sector threat follows a concerning trend of cyberattacks targeting critical infrastructure, particularly in the oil and electricity sectors. Just recently, the same threat actor was observed selling unauthorized access to an American manufacturing company, boasting revenues of $2.7 billion. The access, which included Screenconnect and RDP credentials, was priced at $5,000.
These energy sector threats highlight the growing sophistication of global threat actors and the increasing vulnerability of essential industries to hackers and ransomware groups. Sangfor Technologies has emphasized the escalating risks posed by cyber-attacks, particularly in sectors reliant on digital systems, such as oil and gas.
Cyberattacks on the Oil and Gas Industry
The oil and gas industry, in particular, has become a prime target for cybercriminals due to its heavy reliance on technology to manage complex operations. While digital systems offer numerous benefits, including enhanced efficiency and safety, they also present significant cybersecurity challenges.
According to Statista, the oil and gas sector ranked fifth among industries most affected by ransomware attacks in 2022, with 21 reported incidents globally. The sector’s reliance on digital systems for extraction, transportation, and refinement processes makes it an attractive target for malicious actors.
A report by the US Government Accountability Office highlighted the cybersecurity risks faced by offshore oil and gas infrastructure, citing vulnerabilities in operational technology (OT) systems. These vulnerabilities could potentially allow threat actors to compromise critical functions, posing serious safety and environmental risks.
CISA has issued advisories addressing vulnerabilities in operational technology, including concerns related to weak encryption and insecure firmware updates. However, criticism has been directed at regulatory agencies like the US Department of the Interior’s Bureau of Safety and Environmental Enforcement for perceived inadequacies in addressing cybersecurity threats.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.