A recent Thales cyberthreat report revealed 10% of cyberattacks on power plants are likely led by organised cybercriminals and state-sponsored actors. And, it concluded that the power generation industry is one of the most at risk sectors. Now French multinational Thales has partnered with American owned GE Steam Power, confirming an agreement at the International Cybersecurity Forum held in France this week.
Thales and GE Steam Power will work together to deliver a suite of cybersecurity solutions to power plant operators. The collaboration will combine the cybersecurity knowledge of Thales with GE’s power industry expertise and hopes to deliver threat intelligence, joint training programs, and other cyber solutions.
– Watch our free taster sketch “Phishing Emails in Real life” from our hilarious Sketches security awareness training series
As per Power Engineering International, GE has installed hardware and equipment at the National Digital Exploitation Centre (NDEC). The centre was created by Thales and the Welsh government for cyber development and education. The GE equipment will be used to demonstrate cyber-attacks and model response scenarios alongside Thales’ Cyber Range.
Thales released its “Cyberthreat Handbook,” last year. It was produced in collaboration with Verint and details cyberthreats to the power generation and other sectors, the major groups of hackers and cybercriminals, and the most commonly used attack vectors. Thales describes the comprehensive document as a “who’s who,” of cyber attackers. It was produced after a year of investigation, “100 days of detailed analysis,” and by eight full-time analysts with over 100 sources of data studying 490 attack campaigns globally.
Thales says the handbook is a, “report of unprecedented scope designed to provide a classification and basis for further investigation of major groups of cyberattackers, including cybercriminals, cyberterrorists, hacktivist groups and state-sponsored hackers.” It adds the purpose is, “to help organisations in the private and public sectors to better detect and anticipate future attacks.”
The analysts categorized cyber attackers into four groups:
“Out of approximately sixty major groups of attackers analysed, 49% are state-sponsored groups often aiming to steal sensitive data from targets of geopolitical interest. 26% are ideologically motivated hacktivists, closely followed by cybercriminals (20%) who are driven by financial gain. In fourth position, cyberterrorists account for 5% of the groups analysed.”
And, they summarise that the globe’s major powers, unsurprisingly, are the targets of cyberattackers. The US is at the top of the list, followed by Russia, and the European Union but especially the UK, France and Germany. The sectors most targeted by attackers were defence, the financial sector, and energy and transportation but Thales notes that attacks on the media and health industries are also growing and that:
“A growing number of groups of attackers are now focusing on vulnerabilities in the supply chain, and in particular on smaller partners, suppliers and service providers that are used as trojans to access major targets.”
Listed amongst the main attack methods are website defacement, DDoS, ransomware, trojan, wiper and backdoor attacks. The techniques used range from using scripting techniques to manipulate systems and run certain functions to changing data or code to make attacks harder to detect. As well as using “credential dumping,” i.e., obtaining or stealing authentication methods to gain access. And, lastly, “exploiting human weakness,” by fooling users in to running malware themselves by “clicking on a malicious link or attachment,” contained in a spear phishing campaign.
The Cyberthreat Handbook also analysed the typical “modus operandi,” of attackers, their process and progress through breached systems in order to achieve their goals. Along with running harmful malware, one end goal, per the report, appears to be the theft of data.
Thales and Verint say:
“It has become vital for power generation operators to get specific and regular training to understand what they are fighting and how to better protect their systems.”
The agreement between Thales and GE will see the two companies deliver joint training for power plant operators.
A need for understanding and security awareness
No matter the industry and intent, cyberattackers will seek out potential vulnerabilities. Often humans are the target as many unintentionally fall for phishing attacks containing malicious links and attachments which release harmful malware into corporate systems.
Proofpoint’s new 2020 “State of the Phish,” report takes a detailed look at global cybersecurity and phishing attacks. It conducted 50 million simulated phishing attacks and surveyed 600 IT professionals across sectors. It found that in 2019, over half of all organizations were victim to at least one successful phishing attack.
At The Defence Works we know that technology and systems are vital in the fight against cybercrime but we also believe that security awareness training for employees is also one of the best defences. Considering, of course, the prevalence of phishing attacks.
It’s not easy to train employees in cybersecurity, but that’s why we make our security awareness training quick, simple and fun. This makes it more memorable, more effective, and helps to protect your company better.
Interested in learning more about how security awareness training can help your organisation? Sign up for a free demo of the world’s most interactive security awareness training.