Lloyd’s of London (the insurance company) and the University of Cambridge Centre for Risk Studies did a study estimating the losses that could result from a cyberattack on the power generation system of the United States.
The study estimates that the cascading failures that could result from a cyberattack on the U.S. power grid could result in losses of over $1 trillion. What triggers the losses in this study? A spearphishing email.
Could such a thing really happen? It already did in Ukraine. In December of 2015 someone used a spearphishing email to seize control of a power grid in Ukraine. That incident resulted in about 700,000 people losing power.
People ultimately operate systems. They do this using their system access privileges. Email is a time-tested way to access people and compromise their system privileges. Spearphishing deceives users into compromising actions. You can fight email deception using SP Guard from Iconix.