Energy sector companies are attractive ransomware targets

Centre for Cybersecurity assess the threat from ransomware attacks against the Danish energy sector after the attack against Colonial Pipeline in the United States, and the changes in the criminal underground that followed in the aftermath.

This threat assessment describes how a number of changes in the criminal underground following the attack against Colonial Pipeline have not lead to changes in the overall threat landscape. The organisations behind ransomware attacks continue to possess the capability and intention to target Danish organisation, including the energy sector.

 

These cyber criminals are calculating that organisations that depend on continuity and have a fairly large revenue, will be more likely to pay the ransom. This is why organisations in the Danish energy sector are also attractive targets.

 

OT networks (Operational Technology) can be hit directly by ransomware attacks, and can also be indirectly affected by compromised IT networks. The fear that an attack may spread, can ultimately lead to an organisation shutting down operations on its own, as was the case with Colonial Pipeline.

 

This threat assessment is intended to help organisations in the energy sector get an updated understanding of the threat from ransomware attacks.

  • Author

    Centre for Cybersecurity

  • Release Date

    December 3, 2021

Download publication

Related

Storebæltsbroen i Danmark (FOTO: Shutterstock)

The Cyber Threat Against Denmark

The national cyber threat assessment from CFCS.

Skruetvinge. FOTO: Shutterstock

Double extortion

Ransomware actors threatening to leak data.

Hackerkvinde, FOTO: PR Image Factory/Shutterstock

Ransomware attacks

Report from CFCS about the anatomy of ransomware attacks.