Publisher's Synopsis
Among our Nation's critical infrastructures, the Energy Sector is a primary target for exploitation by nation state and mercenary APTs, hacktivists, cyber jihadists and other hacker teams. Although the nation's socioeconomic survival depends on the energy sector to deliver energy to the homes and businesses that support life, business operations, and critical systems, it was not built upon a foundation of security and cyber-resiliency, making it highly vulnerable to attack. To develop truly viable defenses, conversations about energy sector resiliency must focus more on details about actors, malware and evolving attack vectors. In this brief, entitled "The Energy Sector Hacker Report: Profiling the Hacker Groups that Threaten our Nation's Energy Sector" the Institute for Critical Infrastructure Technology offers a detailed analysis of the expanding threat landscape within the energy sector as well as profiles on the most prominent actors targeting our Nation's energy grid. Specifically, the report discusses: -The Incidents that have Shaped Energy Sector Discussions -A breakdown of the major components of our Energy Grid -The Expanding Threat Landscape -IT-OT Convergence -Software and Applications (Human Machine Interface, Enterprise Resource Planning) -Engineering Workstations -Programmable Logic Controllers -Historian Systems -Synchrophasor Technology -Distributed Energy Resources -Smart Grid Technologies -Cloud Computing Technologies -The Threats to the Energy Sector -Basic Attack Chain -Botnets -Network Discovery -Insider Threat -Cross-site Scripting -Dive-by-Downlods -Watering Holes -Spear Phishing -Zero-Day Vulnerabilities -Poisoned Updated -Wrappers / Packers / Cypter -Polymorphic / Metamorphic Hash -Ransomware -Energy Sector Threat Actors -Hacktivists -Lone-Wolf Activists -Cyberterrorists -Cybercriminals -Hail-Mary Threat Actors -Nation State Threats