Thirty-two cyber breaches occurred within the oil/gas/energy sectors in 2022, according to a new report by cybersecurity firm Tenable.
That number placed oil/gas/energy tenth highest in the report's list of 29 industries for 2022 breaches. Health care and social assistance ranked first with 472 breaches, public administration ranked second with 162 breaches, and educational services ranked third with 137 breaches.
Tenable’s breach statistics were captured from November 1, 2021, through October 31, 2022, and include breaches dated within the specified period as well as breaches reported in that timeframe that lacked a breach date, the report noted. In 2022, the company tracked 1,335 breach events during the specified period, the report revealed, adding that this was a 26.8 percent decrease from the 1,825 it tracked during the same period a year earlier.
Tenable stated in the report that its analysis of the breach incidents is performed on a “best-effort” basis and said it is not intended to be a fully exhaustive list of all the breaches reported throughout the time period.
“Based on our past examination of breach data, we recognize that the disclosure process for breaches takes time and, therefore, some breaches may not be made public until months or years after the incident occurs,” the report said.
Speaking to Rigzone, Satnam Narang, a senior staff research engineer at Tenable, said, “in EMEA, ransomware attacks were responsible for 39 percent of attacks against the oil/gas/energy sectors, which is four percent greater than the global average for ransomware attacks across all sectors (35 percent)”.
“As we’ve observed over the last few years, ransomware groups are well-oiled machines, working with partners (known as affiliates) to conduct the attacks, while the groups rely on a variety of staff to manage a variety of business functions, from human resources, marketing to negotiating payment from victims, extorting them for hundreds of thousands to millions of dollars,” Narang added.
Outside of ransomware, one third of attacks were labelled ‘unspecified cyberattacks’ as the businesses impacted did not explicitly state the nature of the attack, Narang said.
“The root cause can vary, but more often than not, are likely the result of malware or ransomware,” Narang stated. “There are a number of techniques employed by ransomware affiliates and other cybercriminals to breach organizations, from spearphishing and exploiting vulnerabilities to targeting third-party entities as an inroad into a number of companies,” Narang added.
“Ransomware continues its dominance, and while there are indications ransomware attacks have slowed recently, their impact remains relatively high and the profitability makes it unlikely that these groups will cease their operations anytime soon,” Narang continued.