Energy companies in the US were hacked 79 times last year according to a survey by ThreatTrack Security.
The study of 200 IT and security managers at energy companies and financial services companies found that financial companies have “a slight edge in their security readiness over their energy sector counterparts, but not by much”.
The survey found that 35% of respondents reported endpoints on their network had been infected by malware that evaded their defenses during the last 12 months.
Moreover, 58% of respondents cited the complexity of malware as the most difficult aspect of defending their organization.
Of all respondents, 61% of energy companies said email is the biggest threat vector to allowing malware onto their systems.
When asked who is behind the attacks, 34% of security professionals in the energy sector pointed the finger to hacktivists.
Protecting against threats
To combat threats, energy companies are focusing on training their IT staff on new technology and cybersecurity strategies (50%); implementing new policies (35%); and investing in advanced malware detection technology (34%).
The study said: “In past ThreatTrack Security research, training has often been cited as a top priority, but it was generally related to employee/user training to increase awareness of potential security risks.
“This study revealed that security professionals within finance and energy organizations feel it is an imperative to re-educate IT staff on new security strategies and emerging advanced threat detection technologies.
It adds: “This implies a recognition that the old network security model is dated.”
Future cybersecurity threats?
When asked if their company will be the target of an advanced persistent threat, targeted malware attack or other sophisticated cybercrime or cyber-espionage tactic in the next 12 months, 38% of all respondents said it is either a certainty or highly likely, while another 35% said it was somewhat likely.