One-quarter of the 150 largest energy companies in the U.S. are highly susceptible to a ransomware attack, new research from Black Kite revealed today. Leaked credentials on the dark web, out-of-date systems, and misconfigured email systems are putting the U.S. energy sector at risk.
The oil sector is at the highest risk, with 28% highly susceptible to incur a ransomware attack compared to 25% of natural gas companies and 17% of the electric sector. Black Kite’s Ransomware Susceptibility IndexTM (RSI™) allows a process of inspecting, transforming, and modeling data collected from a variety of OSINT sources (internet-wide scanners, hacker forums, the deep/dark web and more). Using data and machine learning, the correlation between control items is identified to provide a ransomware susceptibility rating on a scale from 0.0 (less susceptible) to 1.0 (more susceptible).
The 150 largest energy companies (market cap) had an average RSI rating of 0.42. Increased ransomware risk is attributable to several factors, including leaked credentials within the past 90 days, out-of-date systems, and lax email security. More than 75% of the energy sector has at least one leaked credential on the dark web, 49% has a critical vulnerability due to out-of-date systems, and 74% have not deployed email security configurations to prevent spoofing and phishing attacks.
“At face value, the energy sector has a decent overall security posture. However, when you look under the hood there are areas of concern that make our nation’s energy infrastructure susceptible to crippling ransomware attacks,” said Paul Paget, CEO of Black Kite. “It is critical that energy providers continuously monitor their systems and partners and view risk from the hacker’s perspective.”