A spear-phishing campaign targeted the systems of 11 energy sector companies, according to a report from the Department of Homeland Security (DHS).
The campaign was active in October 2012 and relied on publicly available information.
In order to target specific individuals within the energy sector, the attackers harvested information available on the companies’ websites. They utilized names, email addresses, company affiliations and work titles to make the emails they sent out more legitimate-looking.
“Malicious emails were crafted informing the recipients of the sender’s new email address and asked them to click on the attached link. This link led to a site that contained malware. Another email with a malicious attachment may also have been associated with this campaign,” the DHS report said.
Working with the ES-ISAC, officials were able to determine that 11 entities were targeted in this campaign; luckily, no known infections or intrusions occurred. ICS-CERT worked with its partners at the ES-ISAC to coordinate support for the targeted entities.
The DHS said publicly accessible information found on company websites and social media accounts is a valuable resource for cybercriminals.
That’s why the agency advises organizations to limit the business-related information published on their websites. In addition, users should be cautious about the business-related and personal information they share on social networks.