Report: Energy Companies Are Top Target of Web-Borne Malware

Dark Reading and ScanSafe bring us this report about the top five targets for web-borne malware attacks. Guess who’s number 1? Yes, the Oil and Gas Industry. But why and what can be done about it?

Mary Landesman, of ScanSafe opines, “…one has to question whether these encounters are incidental or whether these particular sectors are under attack.”

Well, Mary, as one who sees the web-borne attacks on a daily basis I think I can provide some insight. I can’t really comment on the Chemicals or Engineering sectors problems, although I do have a few guesses.

Here’s what I see in the Oil and Gas sector. There are a LOT of people in this industry using computers without any formal training of any kind. There is a serious lack of regulation on what the field computers are used for. And a fair number of the oil patch guys are kind of rough and tumble good ol’ boys who like their women fast and computers loaded with porn. They’d also rather gnaw off a toe than pay for software, music, movies or anything else unless it has four wheels.

Really, that’s just the way it is.

It appears to me that a lot of the companies or divisions working in the field don’t really have adequate IT support staff to help these guys. Think of yout typically IT guy and ask yourself if he wants to work with a guy who would just as soon swing a 32″ pipe wrench at his head as talk to you. You can see why attraction and retention might be difficult.

Also, since a lot of malware isn’t readily identifiable by a neophyte user, most of them think they don’t have a problem and if the computer appears ’slow’, they just buy a new one.

What often gets overlooked is that the information that is on that computer, the information that the client is paying for, is going out the door to whoever dropped the payload on that computer through bustybabes.xxx.

Maybe it’s a pimply teenager looking for credit cards.
Maybe it’s Osama Bin Laden’s third cousin, twice removed, on his mother’s side.
Maybe it’s your client’s competitor.

The remedy is to do some things like I do:

1. Lock down computers via a whitelist so they can only go to sites approved for work.
2. Automate virus, spyware and rootkit scanning so that the user can’t stop it.
3. Automate the back-up so it can’t be easily circumvented.
4. Prevent users from installing software.
5. Have users upload important information daily to a remote repository so there is always something on file.
6. Document user usage.
7. Have a good Information Technology Acceptable Use Policy and enforce it.
8. Provide the best technical support you can so that the user doesn’t have to call his nephew to fix his machine.
9. Educate users that it’s not just work information at risk. Show them how it can affect them personally and they will be more cautious.

I hope this will be helpful to you - if you have any questions, please contact me. I really like the Oil and Gas industry and would like to see it continue to flourish in a healthy manner.

Tags: attack, energy, gas, malware, oil, security, web