Oil and Gas Industry Vulnerable to Cyber Security Attacks?

Dharani Ravindran
Published in supervisionearth
Sep 25, 2020

The oil and gas industry is one of the major contributors to the economy worldwide. Countries like America, Russia, Saudi Arabia, Iraq, China and Canada convey enormous amounts of oil and gas, which is a major growth contributor for these countries.

Structure of Oil and Gas Industry

An oil company divides into three segments: upstream, midstream and downstream. In the oil and gas industry, more cyber-attacks happen in the production sector (upstream) and the transport sector (midstream) than in the distribution sector (downstream). Monitoring in this industry includes examining the resource, production, quality, temperature, chemical composition, safety and leaks.

Companies face challenges in monitoring constantly throughout the process. To avoid the risks and ease the monitoring process, companies switched to systematic regulation of operations. Systematic control over operations is more practical when the pipeline runs through remote areas where human monitoring is less feasible. Because of this dependence on technology and the industry's power in the financial sector, cyber threats are higher than in any other industry in the world.

(Global data of increased cyber security attacks in the oil and gas industry during March 2019- March 2020. Source: Ars Technica)

Cyber Threats: Classified

Infrastructure Sabotage

Infrastructure sabotage is the initial target of attacker communities, who identify and collect data about the company to use in further attacks. This kind of attack can delete data and completely erase the information on computers that are connected to the targeted network. In Feb 2020, an undisclosed U.S. natural gas company was hit by an infrastructure cyber-attack that completely stopped operations for two days.

Data Theft Through Webmail and External Emails

Attackers can also steal confidential data, including project details, designs and security information, through webmail and external emails. This can be identified and cleaned up, but these email attacks can be the starting point of more serious attacks.

(Example image of email attacks. Source: infosec resources)

Ransomware

Ransomware attacks are used to disrupt the daily activities of a company. They arrive through spam emails that are specially crafted for the target or through unsecured protocol connections, and they can disrupt the whole network. In May 2020, the Houston-based oil and natural gas producer W&T Offshore Inc. fell prey to a ransomware attack and lost nearly 800 gigabytes of personnel and financial data, which was leaked to the dark web.

Recommended security operations that can protect against attacks

Following security operations can be as hard as monitoring and managing the pipelines, and quick advances in technology can be hard to adapt to, but a few security standards must be followed to avoid falling prey to cyber-attacks.

(Estimated risks of loss in the energy industry over the next 5 years. Source: Accenture Research)

A few notable recommendations to ensure security are:

  • Secured domain names. It is safer to have Domain Name System Security Extensions (DNSSEC) implemented to avoid domain hijacks.
  • Making sure that communications such as emails or letters are signed. This can prevent a third party from injecting commands in between.
  • Regular monitoring for data leaks.
  • Regular software updates.
  • Using an AI algorithm to filter spam emails can stop email attacks.
  • Two-factor authentication for emails and file passwords.
  • Regular reviews of cloud service security settings.
  • Employee awareness of cyber-attacks and safety measures is essential.
