Hacking a $5 billion-a-year industry is no easy feat, especially when it involves an organization with $3 billion in annual revenue.
But the hacker collective known as Anonymous is working on it.
In a series of tweets on Friday, the collective warned hackers of “several industrial services providers” and “severals companies” who were using the “unencrypted network” that it used to conduct operations.
The group said it would use “any tools we have to take down their systems.”
Anonymous, which has previously targeted the U.S. Department of Energy and its energy company Energy Pioneer, did not elaborate on the specific targets.
However, the group’s tweets did include the names of some of the companies and organizations that were targeted in its campaign.
“The security vulnerabilities in the infrastructure of these industrial service providers are very serious,” Anonymous said in its first tweet.
“They are able to bypass all security measures, including passwords, and to access your files and devices.
They can also manipulate the information in your devices and your accounts.”
The group also claimed that the systems used by these companies were “hacked and infiltrated” by “Anonymous members.”
The industrial service provider and its security experts have repeatedly warned that hackers can take advantage of vulnerabilities in these networks.
They say that the attackers could, for example, remotely take control of devices connected to the industrial service’s network.
The U.K.-based security firm Symantec also reported in January that hackers were exploiting a vulnerability in some industrial service networks to access files and steal credentials for users and corporate clients.
“These industrial service companies and their systems are vulnerable to intrusion by attackers using network-based access controls, or by malicious actors that use the insecure access control lists to bypass security measures,” Symantech said in a statement.
The hacker collective said that its goal was “to make these industrial services companies pay for their breaches, as well as other breaches.”
It said that the hack was being carried out by “severable actors.”
“It is not clear who exactly the targets are, but we are not making any promises as to the identity of these actors,” Anonymous told Ars.
“However, it is clear that their goal is to take advantage by compromising the network infrastructure of industrial services, and potentially also to access sensitive data and to steal passwords for these industrial accounts.
They have taken advantage of the security gaps in the networks, and have exploited those security weaknesses to obtain access to data and other data.”
The hacker group, which also called itself “Anonymous” in its initial tweets, said it had identified the attackers and was working to “takedown them.”
It did not specify what type of cyberattack the hackers were targeting.
“This is a very high-risk campaign,” Symantiec said in an email to Ars.
But, it added, “We expect this group will respond to any new attacks and will take any measures necessary to defend against future attacks.”
The hackers said they had not seen any evidence that the industrial services firms were hacked by Anonymous.
The industrial services sector accounts for a small share of the company’s total revenues, according to the firm’s filings with the U,S.
Securities and Exchange Commission.
But its revenue has grown substantially since the beginning of the year.