Seqrite and Quick Heal Technologies Limited, has revealed concerning findings about the state of the power & energy sector with respect to malware detections. The report, prepared jointly by researchers at Seqrite Labs, India’s largest malware analysis facility, and the Data Security Council of India (DSCI) reveals that the Power & Energy sector has become a prime target for cybercriminals, accounting for 29% of all malware detections in 2024.
Over 15,000 malware detections were recorded across 2,132 endpoints in the sector, indicating a high level of targeted attacks. This translates to an average of 7 detections per endpoint, highlighting the persistent and sophisticated nature of these threats. This alarming statistic highlights the sector’s vulnerability and its attractiveness to threat actors seeking to compromise critical national infrastructure.
The most prevalent malware identified in the sector was LNK.RaspRobin.48713, a particularly insidious threat that spreads via malicious shortcut (.lnk) files on removable media such as USB drives. This malware establishes connections to external servers, enabling it to download additional malicious payloads and establish persistence on infected systems.
The prevalence of LNK.RaspRobin.48713 in the Power & Energy sector is especially concerning due to its propagation method. The use of removable media as an attack vector poses a significant risk in operational environments where USB drives are commonly used to transfer data between air-gapped systems.
To address these growing threats, Seqrite recommends that organisations in the Power & Energy sector implement advanced endpoint detection and response (EDR) solutions, conduct regular cybersecurity awareness training for employees, and develop robust incident response plans. Furthermore, strict policies should be enforced regarding the use of removable media, and network segmentation should be implemented to isolate critical systems from potentially compromised networks.
