Cyber Threats to Oil and Gas Industry

Recent years have witnessed an increase in the number of cyber attacks against the energy sector. This sector’s main vulnerability is its reliance on ICS/SCADA systems, which have been causing serious concern for the security community for the past years.

The Oil and Gas Industry is considered privileged targets for different adversaries such as nation-state actors, cyber terrorists, hacktivists and even cyber criminals that sell stolen sensitive data in the underground market. In 2012, for example, energy companies were targeted in 41% of the malware-attack cases reported to the US Department of Homeland Security (DHS). And, vulnerabilities in this industry have skyrocketed 600% since 2010, according to data reported in an NSS Labs’ Vulnerability Threat Report.

Here are some examples of significant attacks pertaining to the energy sector:

State-Sponsored

In August 2012, Saudi Aramco was hit by a computer virus that wiped data from 30,000 computers. Although the attack did not have an impact on the oil production, it disrupted Saudi Aramco’s internal communications. The virus, termed ‘Shamoon’, was inserted to the company’s network via a USB stick. The US government has blamed Iran for the attack, and the Secretary of Defense Leon Panetta stated that it was “probably the most destructive attack that the private sector has seen to date”.

Hacktivism

On June 20, 2013, the hacktivist collective Anonymous launched a cyber operation dubbed #OpPetrol planned to target various oil companies around the world. The operation was not a success, but it emphasized the fact that the oil and gas industry represents an attractive target for attackers with different agendas and motivations, including sabotage, cyber espionage, financial, political, and more.

OpPetrol_2

Terrorist Groups

In Tunisia the hacker group Tunisian Cyber Army (TCA) is joining forces with the Electronic Army of al-Qaeda (AQEA). The groups had already carried out cyber attacks against Western targets and they definitely pose an emerging threat in the cyber domain.

Conclusion

We believe that the threat to the Oil and Gas industry will grow in the near future, as the hunt for vulnerabilities in SCADA systems has increased. A couple of weeks ago it was reported that Kaspersky experts discovered a java version of Icefog espionage campaign that targeted at least three US oil and gas companies. According to Symantec, the energy sector was the second most targeted vertical in the last six months of 2012, with only the government/public sector exceeding it with 25.4 percent of all attacks. With millions of threats of varying complexity experienced by the industry on weekly basis, it is not surprising that by 2018 the oil and gas industry will be spending up to $1.87 billion on cyber security.


2 thoughts on “Cyber Threats to Oil and Gas Industry

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s