The skills and tools used by the hackers were fairly orthodox, according to the report.
Firstly, the attackers used SQL-injection techniques to compromise their target's company extranet web servers, thereby allowing remote command execution.
They then uploaded widely available tools onto the compromised servers, providing access to internal desktops and servers. Password cracking tools let the hackers gain extra usernames and passwords.
By disabling Internet Explorer proxy settings, the infiltrators enabled direct communication from infected machines to the internet, allowing them to exfiltrate emails and other sensitive documents from company executives.
Spear-phishing techniques were also used to gain additional information from company accounts.
Although the hackers used typical techniques, this was not a sign that the energy companies' systems were weak, Day said.
"It's a sign of the complexity of the IT world we work in," he explained.
"A SQL injection is something organisations see every day the challenge is most organisations, especially large ones, have such a breadth of environment and the challenge is being able to stay on top of all of that."
Day said it has become very hard for businesses to remain "100 per cent compliant" given the complexity of the security environment now.
