Compared to last year’s (H2 2020) statistics, mobile phishing operations targeting energy business personnel have increased by 161 percent, and the trend shows no signs of slowing down.
Obsolete and insecure devices are a threat to all industries, but according to a recent analysis from cybersecurity firm Lookout, energy is the most targeted sector, followed by banking, pharmaceuticals, government, and manufacturing.
By region, Asia-Pacific is the most heavily targeted, followed by Europe and North America; phishing attacks against the energy sector are rising worldwide, however.
During the first half of 2021, mobile phishing attempts targeted approximately 20% of all employees in the energy industry, an increase of 161 percent from the prior six months.
The COVID-19 pandemic pushed many people into working from home, so many now reach business networks over VPNs. Threat actors who use phishing to harvest VPN or domain credentials find this remote access to a corporate network an appealing target.
Lookout researchers found that 67 percent of the phishing incidents they investigated were aimed at credential theft. Attackers deliver these lures by email, SMS, phishing apps, and login pages on spoofed company websites.
With those credentials they gain access to internal networks, move laterally, and look for further pivot points. From there they can locate vulnerable systems and attack industrial control systems, whose weaknesses sometimes go unnoticed for years.
According to the Lookout report, the largest attack surface is the 56 percent of Android users running out-of-date, insecure operating system versions.
Per Lookout's telemetry, only 44.1 percent of active Android smartphones were running Android 11 a year after its release. iPhones, by contrast, are far less exposed, because most iOS users run the latest version. Some vulnerabilities in older Android versions are easy to exploit and publicly known, so every device still on those versions is exposed.
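The practical defensive question behind these numbers is how much of your own mobile fleet sits on outdated builds. The following is an added example, not code from the article or from Lookout: it parses a constructed MDM inventory export (device id, platform, OS version, and the Android security patch level that devices report as a YYYY-MM-DD date) and flags devices that fall below assumed policy thresholds (minimum Android/iOS major version and a maximum patch age). The export format, the thresholds and the reference date are all assumptions made for the example.

```python
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional

# Constructed sample of an MDM inventory export (assumed format, not real data).
# Columns: device_id, platform, os_version, security_patch (YYYY-MM-DD, blank for iOS)
SAMPLE_INVENTORY = """\
dev-001,android,11,2021-06-05
dev-002,android,9,2020-01-05
dev-003,android,10,2021-03-01
dev-004,ios,14.6,
dev-005,android,8.1,2019-11-05
dev-006,android,11,2021-05-01
"""

# Policy assumptions for this example; adjust to your own baseline.
MIN_ANDROID_MAJOR = 10       # Android releases below this are considered end-of-life here
MIN_IOS_MAJOR = 14
MAX_PATCH_AGE_DAYS = 90      # security patch level older than this is non-compliant
REFERENCE_DATE = date(2021, 6, 30)   # fixed "today" so the report is reproducible


@dataclass
class Device:
    device_id: str
    platform: str
    os_version: str
    security_patch: Optional[date]


def parse_inventory(text: str) -> List[Device]:
    """Parse the CSV-style export; reject malformed rows rather than guessing."""
    devices = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 4:
            raise ValueError(f"malformed inventory row: {line!r}")
        dev_id, platform, os_version, patch = parts
        patch_date = date.fromisoformat(patch) if patch else None
        devices.append(Device(dev_id, platform.lower(), os_version, patch_date))
    return devices


def major_version(os_version: str) -> int:
    return int(os_version.split(".")[0])


def compliance_issues(dev: Device, today: date) -> List[str]:
    """Return the list of policy violations for one device (empty if compliant)."""
    issues = []
    if dev.platform == "android":
        if major_version(dev.os_version) < MIN_ANDROID_MAJOR:
            issues.append(f"Android {dev.os_version} below minimum {MIN_ANDROID_MAJOR}")
        if dev.security_patch is None:
            issues.append("no security patch level reported")
        elif (today - dev.security_patch).days > MAX_PATCH_AGE_DAYS:
            issues.append(f"security patch {dev.security_patch} older than {MAX_PATCH_AGE_DAYS} days")
    elif dev.platform == "ios":
        if major_version(dev.os_version) < MIN_IOS_MAJOR:
            issues.append(f"iOS {dev.os_version} below minimum {MIN_IOS_MAJOR}")
    else:
        issues.append(f"unknown platform {dev.platform!r}")
    return issues


def fleet_report(text: str, today: date) -> Dict:
    """Summarise non-compliant devices and the share of outdated Android devices."""
    devices = parse_inventory(text)
    noncompliant: Dict[str, List[str]] = {}
    for dev in devices:
        issues = compliance_issues(dev, today)
        if issues:
            noncompliant[dev.device_id] = issues
    android = [d for d in devices if d.platform == "android"]
    outdated = sum(1 for d in android if d.device_id in noncompliant)
    pct = round(100.0 * outdated / len(android), 1) if android else 0.0
    return {"total": len(devices), "noncompliant": noncompliant, "android_outdated_pct": pct}


if __name__ == "__main__":
    report = fleet_report(SAMPLE_INVENTORY, REFERENCE_DATE)
    print(f"{report['total']} devices, {report['android_outdated_pct']}% of Android devices out of policy")
    for dev_id, issues in report["noncompliant"].items():
        print(f"  {dev_id}: " + "; ".join(issues))
```

Checking the patch-level date rather than only the major version matters because a device on a current Android release can still lag months behind on security patches; both checks feed the same non-compliance list so the result can drive conditional-access or VPN enrolment decisions.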
Apps that request unsafe permissions and access sensitive data on the device have become a bigger concern than "pure" malware, because they are much easier to slip past app store review.
Many of these apps connect to unknown servers and send data unrelated to their stated function, posing a significant risk to both the user and their employer.
Spyware, trojans, keyloggers, and ransomware droppers remain a threat, but they are more likely to appear in carefully targeted campaigns, so their distribution numbers are far lower.
Staff training is therefore crucial in reducing security failures, since the human element remains the biggest risk factor for riskware installation and for clicking or tapping suspicious links.
According to Lookout, one session of anti-phishing training leads to a 50% reduction in phishing link clicks over the next 12 months.