In the past six months, there has been a sharp increase in cyberattacks on companies in the fuel and energy complex (FEC). It amounted to 40% compared to the same period last year. The main goal of the attackers is espionage, and not the theft of financial data, as it was before.
According to BI.ZONE, almost a third of the cyber groups attacking Russia are targeting oil and gas enterprises and other organizations in the extractive industry. In the first half of 2024, 60% of attacks were aimed at obtaining financial information, in 2025 this figure decreased to 25%. Now 41% of incidents are related to espionage, and the remaining 34% are divided between hacktivism and mixed motivation, when attackers demand a ransom for data and threaten to publish it.
Experts attribute the change in the motivation of cybercriminals to the growing value of confidential information. Possession of such data opens up opportunities for blackmail and market manipulation. Hackers now prefer to stay in corporate networks for a long time, collecting compromising materials, internal correspondence and strategic documents that can be used to put pressure on companies.
In addition, 67% of attacks on the fuel and energy complex begin with phishing emails containing malware. BI.ZONE specialists recorded more than 1.6 thousand phishing resources targeting clients in the oil and gas sector, which is 50% more compared to last year.
Analysts emphasize that espionage is becoming a logical choice for attackers, as stolen information can bring much more benefit in the long term than quick financial gain.
Read more on the topic:
How hacker attacks on industry and telecom in the Russian Federation have changed
