The need for increased mobile security in the Energy sector has become evident with new data highlighting why these phishing attacks are occurring and effective ways to stop them.
It shouldn’t entirely be a surprise to see the Energy Industry as a primary target. Everyone is very aware of the attacks on Oil pipelines and other critical infrastructure companies this year. But new data from security vendor Lookout provides some insight into at least one growing initial attack vector – mobile devices. In their 2021 Lookout Energy Industry Threat Report, mobile devices are front and center:
- 20% of Energy employees were exposed to a mobile phishing attack in 1H 2021, a 161% increase over 2H 2020
- Two-thirds of mobile attacks on Energy had the goal of credential harvesting
- There was a 44% increase in mobile devices connecting to Energy organizations, with unmanaged and BYOD mobile devices increasing by 41% over the last 12 months
The Energy sector was the number one industry targeted with mobile attacks, experiencing 17% of all attacks. Finance, Government, Pharma, and Manufacturing were the other top-targeted sectors.
The report does provide some good news, covering some security measures that reduce the threat surface and the risk of attack:
- Ensure that mobile devices are included in overall cybersecurity programs.
- Ensure mobile phishing protection is running on every mobile device.
- Ensure visibility into mobile apps on devices connecting to corporate resources.
The report also mentions the value of Security Awareness Training, citing that 62.5% of employees that were educated on phishing links did not click on a subsequent phishing link.