chat
expand_more

Energy and Infrastructure Industry Sees Steady Growth in Cyberattacks

Energy and infrastructure organizations face an increased risk of business email compromise and vendor email compromise attacks. Learn more.
February 27, 2024

A reasonable level of anxiety exists around the security of the energy and infrastructure sector. It has become an attractive target for cybercriminals, and the idea of crippling such essential services is too much to ignore.

Attacks and suspicious activity targeting US power stations reached a decade-long high in 2022, and concerns about sabotage persist today. During a recent hearing with the House Select Committee on the CPP, FBI Director Christopher Wray warned that Chinese hackers might target critical US infrastructure like water treatment plants, electrical grids, and pipelines.

Modern societies depend on reliable energy infrastructure; if these facilities fail to operate correctly, life as we know it would be completely disrupted. To properly secure and defend organizations in the energy and infrastructure industry, it’s vital to understand the current threat landscape.

Threat Actors Take Aim at Energy and Infrastructure for VEC

Vendor email compromise (VEC) and business email compromise (BEC) are two devastating tools in the threat actor’s arsenal. These attack types easily sidestep detection from traditional security solutions by targeting people with social engineering scams.

Much like traditional BEC attacks, vendor email compromise involves the impersonation of a trusted identity to manipulate targets into completing fraudulent transactions or divulging sensitive information. In these attacks, however, the person being impersonated is an external third party like a partner or supplier rather than an internal executive or another employee.

The energy and infrastructure industry is a top target for VEC attacks, with 65% of Abnormal customers experiencing a VEC attempt between February 2023 and January 2024. That’s a higher rate than organizations in the healthcare (50%), finance (46%), or technology (43%) industries, which are often considered the most popular targets for vendor email compromise.

Organizations in energy and infrastructure have complex supply chains and extensive networks of third-party vendors. Cybercriminals recognize the difficulties of defending these sprawling networks and continually look for opportunities to insert themselves into email conversations. Since these organizations regularly transfer significant sums of money for project facilitation, they are enticing targets for attackers seeking substantial profits.

BEC Attacks Targeting Energy and Infrastructure Increase in 2023

While business email compromise may not account for a large percentage of all advanced attacks, cybercriminals only need a BEC attack to be successful once in order to acquire the information or funds they seek. In BEC attacks, threat actors pose as executives, exploit the authority of the impersonated party and the implicit authenticity of business email, and then convince the target to fulfill fraudulent requests.

According to our data, the frequency of business email compromise attacks targeting the energy and infrastructure sector is on the rise. From February 2023 to July 2023, the average number of BEC weekly attacks was 0.53 per 1,000 mailboxes. In the following six months, BEC attacks increased by 18%, reaching a weekly average of 0.63 attacks per 1,000 mailboxes.

Business email compromise spiked on December 10, reaching 1.2 weekly attacks per 1,000 mailboxes. Despite flatlining over the Christmas holiday, the number of weekly attacks experienced by energy and infrastructure organizations jumped in the new year, peaking at 1.41 per 1,000 mailboxes in the second week of January.

Energy Infrastructure Data Blog Median of BEC Attacks per Week

On average, it takes 277 days to detect and contain a data breach, which leaves a lot of time for cybercriminals to wreak havoc on energy and infrastructure organizations.

Defending Energy and Infrastructure Organizations Against Sophisticated Email-Based Attacks

The bad news is that the rate and sophistication of email attacks continue to grow year after year. The good news is that advanced cybersecurity solutions exist to protect organizations in the energy and infrastructure industry.

Abnormal Security utilizes AI and machine learning to detect and stop complex, socially engineered attacks, including business email compromise and vendor email compromise. The platform understands known-good behavior to identify suspicious requests, shifts in tone, or other anomalies that may indicate an attack.

With an AI-native solution that proactively uncovers and remediates cyberattacks before they can reach employees, energy and infrastructure organizations can stay one step ahead of attackers.

Gain valuable insights into the latest email threat trends by reading our latest threat report, Phishing Frenzy: C-Suite Receives 42x More QR Code Attacks Than Average Employee.

Download the Report
Energy and Infrastructure Industry Sees Steady Growth in Cyberattacks

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B Podcast Blog
Explore insights on AI, collaboration, career growth, and unforgettable stories from industry leaders shaping the future of cybersecurity.
Read More
B AI Vendor
Learn how to evaluate transparency, risks, scalability, and ethical considerations to make informed cybersecurity decisions.
Read More
B SOC Prod
Learn how AI-driven automation boosts SOC productivity by reducing false positives, addressing skills gaps, and enhancing threat detection. Discover strategies to future-proof your SOC and strengthen cybersecurity defenses.
Read More
B Proofpoint Customer Story F500 Insurance Provider
A Fortune 500 insurance provider blocked 6,454 missed attacks and saved 341 SOC hours per month by adding Abnormal to address gaps left by Proofpoint.
Read More
B Malicious AI Platforms Blog
What happened to WormGPT? Discover how AI tools like WormGPT changed cybercrime, why they vanished, and what cybercriminals are using now.
Read More
B MKT748 Open Graph Images for Cyber Savvy 7
Explore insights from Brian Markham, CISO at EAB, as he discusses cybersecurity challenges, building trust in education, adapting to AI threats, and his goals for the future. Learn how he and his team are working to make education smarter while prioritizing data security.
Read More