Attacks on infrastructure and energy companies are increasing, but they are occurring inside enterprise IT networks, not directly in the critical infrastructure, according to a new report. AI powered attack detection specialist Vectra finds attackers typically gain a foothold in energy and utilities networks by staging malware and spear-phishing to steal administrative credentials. Once inside, they use administrative connections and protocols to perform reconnaissance and spread laterally in search of confidential data about industrial control systems. "The utility and energy industry heavily focuses on security critical infrastructure," Chris Morales, head of security analytics at Vectra says. "Which means making sure…
[Continue Reading]