Energy and Telco Sectors: At Heightened Risk of Russian Cyberattacks

iStock 615824148 656x368 1

This article was originally published in El Independiente a Spanish digital news publication. We’ve translated into English language below.

The Russian invasion of Ukraine has awoken all cyberattack alerts. The Russian leader Vladimir Putin can seek reprisals against European and American sanctions through cyber-warfare. As a matter of fact, state intelligence and security services have already urged public officials to change their passwords to avoid a cyberattack. The threat is real. Experts from Constella Intelligence, a leading cybersecurity company, have affirmed that these cyberattacks are already occurring.

“The first extension of the geopolitical conflict in Ukraine is already occurring in the digital sphere”, pointed out Alex Romero, COO of Constella Intelligence. In the eye of the hurricane, the energy, financial services, and telecommunications sectors are the three industries most exposed to Russian cyberattacks. “Companies in these sectors store, manage, and transfer massive volumes of personal data”, affirms Romero.

The co-founder of Constella Intelligence advises European states and energy companies to reflect on the long list of these types of attacks that have taken place in recent years “in order to recognize and respond to the risks that must be addressed in this space”.

Romero explains that these attacks are possible due to three unique vulnerabilities inherent in the global energy ecosystem:

1. This ecosystem is based on a fundamentally complex infrastructure that extends across many geographies.

2. The digital infrastructure that supports the global energy sector operates 24-hours a day, with essentially no downtime.

3. The global energy industry vulnerabilities have their roots in the wide-ranging motivations driving attacks against the sector.

“The vulnerabilities of European digital security and the global, energy-related interdependencies could significantly impact the lives of citizens”, warns the expert.

According to a report by Constella Intelligence, nearly 50% of energy executives (from a sample of 55 executives of Fortune Global 500 companies) have seen their credentials exposed since 2018. Among the top energy companies analyzed, Constella detected a total of 1,504,564 exposed records.

Romero explains that companies in the energy sector, with always-on, highly complex infrastructures, offer services that society cannot survive without for very long. “For this reason, they become the targets of these attacks,” he adds. Cybercriminals recognize this importance and take it into account when launching attacks like ransomware.

The Magnitude of Cyberattacks

“A cyberattack can have different dimensions and implications,” notes Romero. In fact, recall that on May 7th, 2021, the Colonial Pipeline in the U.S. suffered a critical ransomware attack due to one exposed password, leading to one of the largest attacks on U.S. critical infrastructure in history. This led to the authorities declaring a state of emergency in 17 states along the east coast and in Washington and “resulted in a serious shortage of gas and long lines in service stations in all of the affected areas”, Romero recounts.

Although the “damage attributable to the theft or exfiltration of data is only one element of the economic impact of a cyberattack,” IBM’s 2021 Cost of a Data Breach Report evidences that the average cost of a cyberattack is over USD 4,000,000—a figure that increased during the pandemic and is the highest in the 17-year history of the report.

“A CYBERATTACK HAS DIFFERENT DIMENSIONS: ECONOMIC AND REPUTATIONAL”
– Alejandro Romero Co-Founder Constella Intelligence

“The repercussions of an attack have various axes”, mentions Alex Romero. A cyberattack supposes a loss of data, serious damage to corporate image and reputation, lost business costs, and potential regulatory consequences. Therefore, the damage inflicted is not only economical but also reputational, impacting confidence. “In the short term, the cost can often be quantified. In the long-term, a significant challenge is the reputational damage generated by the loss of confidence of consumers, partners, and employees”, the expert comments.

And personal data can be of great value for those who are behind cyberattacks, “as they seek to monetize these attacks selling the data or preparing even more sophisticated attacks using privileged information”.

Stopping These Attacks

The energy sector-focused report from Constella Intelligence shows that 55% of exposed passwords are in plaintext or use weak algorithms like MD5 or SHA1. For this reason, Constella recommends frequent password changes, avoiding password re-use, and using multi-factor authentication: “Guidelines that should form part of any security protocol”.

The experts advise that companies leverage advanced threat detection solutions and implement a proactive strategy that includes a corporate culture conscious of cyber risks. This goes hand-in-hand with solutions to “anticipate, detect, and respond to threats in order to achieve a cyber-resilient organization”.

Learn More About Your Organization’s Risk Exposure

Executives and key employees like privileged IT personnel and HR are the new attack vector for cybercriminals as they have top-tier access to sensitive information which can lead to credential theft, account takeover, and a ransomware attack. Surprisingly, most organizations do not recognize a need for employee protection – until it’s too late. Constella Employee Protection helps organizations rapidly identify and remediate threats targeting 1000s of key employees at scale with real-time monitoring, and automated early warning alerts when credentials have been exposed.

Read the full ‘2022 Mobile World Congress Exclusive: Telcos & Digital Identity Cyber Risks‘ report to learn more.

Try our Exposure Risk Tool to see if you, your company, or your employees have been exposed – FREE.

Alex Romero

Chief Operations Officer