Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.
Promoted

Protect your energy firm from dark web threats

By Searchlight Cyber
18/07/2023, 4:19 pm Updated: 20/07/2023, 9:00 am
© Supplied by Searchlight Cybera facility for the energy industry

Cybercriminals are selling initial access to energy companies on the dark web, with numerous targets in the UK according to an industry report. Is your company ready to address these issues of cyber security?

The deepest and darkest corners of the internet are hiding some of the most dangerous threats to industries, including energy companies and their most critical and sensitive data.

Yet, despite the ever-present threat of cyber attacks, some senior managers don’t believe the dark web poses a threat to their organisations.

In fact, more than a quarter, or 27% of CISOs in the energy industry believe that activity on the dark web has no impact on their companies. That’s according to a new report by dark web intelligence firm Searchlight Cyber.

The company’s director of threat intelligence, Jim Simpson warns: “(These cyber threats) are real. They’re real for everyone. Vulnerabilities are happening all the time. Exploits are being developed all the time.”

What is the “dark web”?

First, it’s important to know what the “dark web” is. It’s a collection of websites, forums, and marketplaces that are only accessible with specialist software such as “The Onion Routing” protocol or Tor. Tor is free software that allows people to share data and communications anonymously over a public network.

It’s different from the “clear web” which is open and accessible. Some examples of these are news or industry websites like BBC and Energy Voice. Search engines like Google can index sites on the “clear web” and make them searchable.

There are other sites like Facebook that are available to everyone, but they require an account or a password to get into. These sites are on the “deep web”.

Cyber threats on the dark web

“That level of anonymity (in the dark web) emboldens people to share more criminal data. (Criminals) like the fact that it’s hard to find out who runs the service but it’s easy to access and easy to see for most people,” explains Jim.

For example, the dark web is a magnet for ransomware operators who use malware (like a virus) to encrypt files. They convert valuable information (like a company’s intellectual property, mining rights, payroll or HR records) into a code and then demand a ransom paid in cryptocurrency in exchange for a key to decrypt those files.

But Jim warns the way ransomware operators work is constantly evolving. “They can do double extortion where they encrypt as well as steal files. They can also give them away for free to the general public or contact your customers to shame your company, putting more pressure on people to pay.”

Dark Web Intelligence for the Energy Industry

Searchlight Cyber’s report, Dark Web Threats Against the Energy Industry, shows that energy companies are routinely discussed on dark web forums, particularly by threat actors auctioning initial access to remote software, VPNs and stolen credentials.

That analysis is based on a sample gathered over the 12-month period between February 2022 and February 2023. The sample includes numerous listings for organisations all over the world, including targets in the UK, France, Italy, USA, Canada, and Indonesia.

Most of the auction posts list the organisation’s country, its industry, its revenue and the type of access being sold. The name of the organisation is also given in some cases.

How dark web intelligence can help

This is where dark web intelligence plays a key role. Security professionals can gather pre-attack data from these forums and determine if their organisation is being targeted.

And even if they don’t fit the exact profile of the victim, they can consider the tactics being used against other energy companies in their own cyber defences.

Jim says: “You can prepare for types of attacks before they happen by watching those trends on the dark web. Then, if an attack does happen, you have that game plan ready before it even affects you.”

Searchlight Cyber can help you

In addition to providing energy organisations with critical intelligence from the dark web to enhance their threat models, Searchlight offers an automated dark web monitoring platform that scans for emerging threats. Their platform also offers energy companies visibility into Tor traffic to and from their network, which is a key warning sign of malware installation, insider threats, and data theft.

“We can get to places on the dark web where you can see, through our products, what cybercriminals are offering. You can set up alerts so that (you know) if you are being mentioned or if peer organisations or someone in your industry vertical is ever mentioned.”

“In order to keep pace with the latest threats, energy organisations should be continuously monitoring the dark web and building threat models for specific risks at least every six months. This combination will help energy companies keep their security up to date and increase their ability to stop cyberattacks,” says Jim.

Visit Searchlight Cyber’s website to learn how you can stay ahead of dark web threats.

Recommended for you