A previously undocumented hacking group has been targeting oil and gas companies along with telecommunications providers from Africa to Central Asia to the Middle East, the industrial cybersecurity company Dragos said Thursday.
The revelation brings to five the number of groups tracked by Dragos that go after the oil and gas sector, highlighting the growing interest shown by well-resourced hackers in probing the industrial control systems (ICS) that underpin energy infrastructure. Oil and gas companies move markets and are strategic national assets, giving cyber operatives plenty of reason to scope them out.
The new hacking group, which Dragos calls Hexane, has been particularly active in recent months, targeting organizations with phishing lures and malware implants.
“It’s definitely stage-one activity with the intent to intrude,” Casey Brooks, senior adversary hunter at Dragos, told CyberScoop. “Whether they were successful or not, we can’t comment on that.”
The far-flung activity underscores the interest that ICS-focused hacking groups, including the one responsible for the infamous Trisis malware, have in infiltrating the supply chain.
Yet another hacking group is targeting oil and gas companies, Dragos says