
ICIT Brief – The Energy Sector Hacker Report: Profiling the Hacker Groups that Threaten our Nation’s Energy Sector


Among our Nation’s critical infrastructures, the Energy Sector is a primary target for exploitation by nation state and mercenary APTs, hacktivists, cyber jihadists and other hacker teams. Although the nation’s socioeconomic survival depends on the energy sector to deliver energy to the homes and businesses that support life, business operations, and critical systems, it was not built upon a foundation of security and cyber-resiliency, making it highly vulnerable to attack.  To develop truly viable defenses, conversations about energy sector resiliency must focus more on details about actors, malware and evolving attack vectors.

In this brief, entitled “The Energy Sector Hacker Report: Profiling the Hacker Groups that Threaten our Nation’s Energy Sector,” the Institute for Critical Infrastructure Technology offers a detailed analysis of the expanding threat landscape within the energy sector as well as profiles of the most prominent actors targeting our Nation’s energy grid. Specifically, the report discusses:


  • The Incidents that have Shaped Energy Sector Discussions
  • A breakdown of the major components of our Energy Grid
  • The Expanding Threat Landscape
    • IT-OT Convergence
    • Software and Applications (Human Machine Interface, Enterprise Resource Planning)
    • Engineering Workstations
    • Programmable Logic Controllers
    • Historian Systems
    • Synchrophasor Technology
    • Distributed Energy Resources
    • Smart Grid Technologies
    • Cloud Computing Technologies
  • The Threats to the Energy Sector
    • Basic Attack Chain
    • Botnets
    • Network Discovery
    • Insider Threat
    • Cross-site Scripting
    • Drive-by-Downloads
    • Watering Holes
    • Spear Phishing
    • Zero-Day Vulnerabilities
    • Poisoned Updates
    • Wrappers / Packers / Crypters
    • Polymorphic / Metamorphic Hash
    • Ransomware
  • Energy Sector Threat Actors
    • Hacktivists
    • Lone-Wolf Activists
    • Cyberterrorists
    • Cybercriminals
    • Hail-Mary Threat Actors
    • Nation State Threats

This report was authored by James Scott (Sr. Fellow, ICIT) and Drew Spaniel (Researcher, ICIT).

This report has expert contributions from:

  • Igor Baikalov, ICIT Fellow & Chief Scientist, Securonix
  • Parham Eftekhari, Sr. Fellow, ICIT
  • Juan Espinosa, ICIT Fellow & Senior Project Manager, Parsons
  • Malcolm Harkins, ICIT Fellow & Chief Security & Trust Officer, Cylance
  • Jack Miles, ICIT Contributor & Senior Systems Engineer, Centrify
  • Pete Tseronis, Former Chief Technology Officer, U.S. Department of Energy & Federal Advisory Board, Exabeam
  • Dan Waddell, ICIT Fellow & Managing Director, North American Region, (ISC)2
  • Stan Wisseman, ICIT Fellow and Security Strategist, HPE

Download this ICIT Publication Here

August 15th, 2016 | ICIT Publications, Sector Specific