Cyberattacks against energy and utilities firms begin inside enterprise IT networks