https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

MSSP Insider


Shutterstock

Oil rig_oil and gas industry

Oil & Gas Spearphishing Campaigns Carry Agent Tesla Spyware

  • Written by Pam Baker
  • April 22, 2020
It is the first documented instance of Agent Tesla targeting the oil and gas industry.

As the oil market crashes, news comes that hackers have been targeting oil and gas companies with spearphishing campaigns loaded with Agent Tesla spyware. Bitdefender researchers say “this is the first documented instance where Agent Tesla has been associated with an attack against the oil and gas industry.”

The attacks appear to have centered on the recent OPEC+ deal as they targeted related companies in the U.S., Malaysia, Iran, South Africa, Turkey, Oman and The Philippines.

Bitdefender's Liviu Arsene

Bitdefender’s Liviu Arsene

“The date when we registered the spike seems to coincide with the same date when OPEC and other producers were supposed to extend a deal on oil output curbs. The fact that it drops the Tesla Agent infostealer suggests these campaigns could be more espionage-focused,” said Liviu Arsene, Global Cybersecurity Researcher for Bitdefender.

Arsene said that these threat actors might have some skin the game — perhaps some stakes in oil and gas prices or in future developments — especially since the niche targeted vertical dovetails with the ongoing oil crisis.

“In this sector, the links between the government and private sector are very strong and in many countries the government owns large parts of these companies. Even though private companies do not directly influence negotiations, they may deal with confidential information about the OPEC meeting,” Arsene said.

The spearfishing campaigns are exceptionally well done as they “reference legitimate and well-known companies, projects, processes, and vessels and use industry jargon and abbreviations,” according to a recent Bitdefender report.

“This seems to be an espionage campaign that involved having intimate knowledge of operational procedures and jargon used by the industry. This could be the result of knowledge acquired over time through other campaigns, which potentially led to getting access to this type of information,” said Arsene.

Using the Tesla Agent spyware seems to indicate an interest in collecting information specific to the targeted industry.

KnowBe4's James McQuiggan

KnowBe4’s James McQuiggan

“The criminals are using a malware strain from six years ago, which downloads a keylogger onto the computer. This malware collects sensitive information,” said James McQuiggan, Security Awareness Advocate at KnowBe4.

The bottom line is that it is getting progressively harder to spot spearphishing emails given the immense amount of accurate details threat actors commonly use these days.

“If there’s one thing these highly focused spearphishing attacks have in common, it’s that attackers seem to leverage every piece of information, public or from past breaches, to surgically craft messages and emails that have a really high chance of tricking victims,” said Arsene.

Besides leveraging information, criminals are cleaning up their act to fool more people too.

“Gone are the days of phishing emails with misspellings, poor grammar and zip files. The criminal groups are becoming more and more sophisticated with understanding organizational procedures to socially engineer their way in via email,” said McQuiggan.

Given the rise in sophistication of phishing attacks, this is a good time for MSSPs to review their user training programs to ensure the ways of detecting spearphishing are up to date.

It is also prudent for MSSPs to increase protections for customers in verticals that haven’t been heavily targeted in the past but may be in the news now. Previous attack patterns and tactics may not be as prevalent in this new global pandemic paradigm.

Tags: MSPs Business of Security Cloud and Edge MSSP Insider Network Training and Policies

Related


  • Zero Trust Security
    3 Strategies for Selling Zero Trust in the Channel
    Switching to a zero-trust security approach reduces exposure to potential data breaches and helps drive down fixed costs.
  • Malicious hacker group
    BlackBerry Research: MSSPs Increasingly Targeted by Hacker-for-Hire Groups
    The cybercrime industry has adapted to new digital habits.
  • Threats
    Threat Protection Vendors: Why MSSPs Have to Ramp Up Efforts Right Now
    “Look no further than the headlines,” says one vendor. “You owe it to your customers,” says another.
  • Spam
    Kaspersky Research: Russia Now No. 1 Global Source of Spam
    The most frequent targets of phishing attacks were online stores.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Cybercriminals Now Targeting Unemployment Benefit Claims
  • How Ransomware Is Accelerating in the COVID-19 Era
  • Cowbell Cyber Debuts Partner Program to Manage Cyber Risk
  • Blame IT Pros for Data Privacy Failures?

Galleries

View all

From The Second City: How to Use Improv as a Business Tool

March 3, 2021

Industry Perspectives

View all

Multi-Cloud: Strategy or Inevitable Outcome? (or both?)

March 3, 2021

Backup Vulnerability: 4 Targets Hackers Might Utilize to Infiltrate Your Backup Solution

March 2, 2021

The “Roaring 20s” Are Coming

February 25, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Learn how @VMWare can help you build and deliver a #multicloud strategy. #hybridcloud #cloud #AWS… twitter.com/i/web/status/1…

March 3, 2021
ChannelFutures

Learn about the merging of our media websites; plus, a new #MSP Summit this fall. @Channel_Expo… twitter.com/i/web/status/1…

March 3, 2021
ChannelFutures

.@KnowBe4 acquires @MediaPROInc to beef up #cybersecurity training. dlvr.it/RtvdpB https://t.co/FzseCn4K6A

March 3, 2021
ChannelFutures

#COVID19 is ramping up #socialengineering – time for MSSPs to step in. @Electric_AI dlvr.it/RtvRQc https://t.co/ebTJNJcOxz

March 3, 2021
ChannelFutures

.@pluribusnet launches expanded, simplified partner program. #SDN dlvr.it/RtvGtQ https://t.co/bRDqYLEhXJ

March 3, 2021
ChannelFutures

#SupplyChain agility is changing global distribution patterns and #ictservices, says @NeecoICT.… twitter.com/i/web/status/1…

March 3, 2021
ChannelFutures

.@Centrify, @Thycotic merging, creating potential challenge to PAM leader @CyberArk. #cybersecurity… twitter.com/i/web/status/1…

March 3, 2021
ChannelFutures

RT @Channel_Expo: Day 2 of #CPVirtual is live! 👏 In this preview, @Craig_Galbraith highlights some of the biggest sessions and activities y…

March 3, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X