Recycled Fuel? OpPetrol Campaign Rerun This June

Hacktivist collective Anonymous announced a cyber campaign called #OpPetrol, planned to be executed on June 20th, 2014. This is a re-run of a similar campaign with an identical name which was launched at the same exact date last year, aimed at the international oil and gas industry at various geographies. The most prominent group seems to be AnonGhost that recently defaced hundreds of websites and leaked a large amount of credit cards details.

Image

The campaign is likely to include a mix of DDoS, defacement and data dumps. The countries that are targeted are:

  • US
  • Canada
  • England
  • Israel
  • China
  • Italy
  • France
  • Russia
  • Germany

In addition, specific Oil and Gas companies in various locations, from the Gulf to Norway are on the target list. Last year’s campaign did not cause any substantial damage and we assume this re-run will achieve similar results.

Hacking as an Artistic Expression

Hackers are creative people. Everybody knows that. They have to be technically creative in order to outsmart security mechanisms, perform their antics and get away without being caught (sometimes).
But artistic creativity? Not the first thing we associate with hacking. However, after witnessing their creative works of art, we felt compelled to share these with you.
So you are welcome to enjoy the works of the “Russian classical painters”, the “surrealist hacktivists designers” and the “Iranian masters”:

A Russian hacking forum
A Russian hacking forum
Portal of Russian hackers
Portal of Russian hackers
Another Russian hacking forum
Another Russian hacking forum
A carding shop
A carding shop
#OpUSA (May 7, 2013)
#OpUSA (May 7, 2013)
#OpPetrol (June 20, 2013)
#OpPetrol (June 20, 2013)
#OpEgypt
#OpEgypt
Iranian Cyber Army (ICA)
Iranian Cyber Army (ICA)
Ashiyane Digital Security Team (ADST)
Ashiyane Digital Security Team (ADST)

Cyber Threats to Oil and Gas Industry

Recent years have witnessed an increase in the number of cyber attacks against the energy sector. This sector’s main vulnerability is its reliance on ICS/SCADA systems, which have been causing serious concern for the security community for the past years.

The Oil and Gas Industry is considered privileged targets for different adversaries such as nation-state actors, cyber terrorists, hacktivists and even cyber criminals that sell stolen sensitive data in the underground market. In 2012, for example, energy companies were targeted in 41% of the malware-attack cases reported to the US Department of Homeland Security (DHS). And, vulnerabilities in this industry have skyrocketed 600% since 2010, according to data reported in an NSS Labs’ Vulnerability Threat Report.

Here are some examples of significant attacks pertaining to the energy sector:

State-Sponsored

In August 2012, Saudi Aramco was hit by a computer virus that wiped data from 30,000 computers. Although the attack did not have an impact on the oil production, it disrupted Saudi Aramco’s internal communications. The virus, termed ‘Shamoon’, was inserted to the company’s network via a USB stick. The US government has blamed Iran for the attack, and the Secretary of Defense Leon Panetta stated that it was “probably the most destructive attack that the private sector has seen to date”.

Hacktivism

On June 20, 2013, the hacktivist collective Anonymous launched a cyber operation dubbed #OpPetrol planned to target various oil companies around the world. The operation was not a success, but it emphasized the fact that the oil and gas industry represents an attractive target for attackers with different agendas and motivations, including sabotage, cyber espionage, financial, political, and more.

OpPetrol_2

Terrorist Groups

In Tunisia the hacker group Tunisian Cyber Army (TCA) is joining forces with the Electronic Army of al-Qaeda (AQEA). The groups had already carried out cyber attacks against Western targets and they definitely pose an emerging threat in the cyber domain.

Conclusion

We believe that the threat to the Oil and Gas industry will grow in the near future, as the hunt for vulnerabilities in SCADA systems has increased. A couple of weeks ago it was reported that Kaspersky experts discovered a java version of Icefog espionage campaign that targeted at least three US oil and gas companies. According to Symantec, the energy sector was the second most targeted vertical in the last six months of 2012, with only the government/public sector exceeding it with 25.4 percent of all attacks. With millions of threats of varying complexity experienced by the industry on weekly basis, it is not surprising that by 2018 the oil and gas industry will be spending up to $1.87 billion on cyber security.