Close

Get a free web app penetration test today. See if you qualify in minutes!

Contact
Chat
Get In Touch

Get Immediate Help

Get in Touch!

Talk with one of our experts today.

  • Yes, I agree with the storage and handling of my data by this website, to receive periodic emails from microminder cybersecurity related to products and services and can unsubscribe at any time. By proceeding, you consent to allow microminder cybersecurity to store and process the personal information submitted above to provide you the content requested. I accept microminder's Privacy Policy.*

  • This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank You

Thank you

We appreciate your interest in our cybersecurity services! Our team will review your submission and reach out to you soon to discuss next steps.

UK: +44 (0)20 3336 7200
UAE: +971 454 01252

4.9 Microminder Cybersecurity

310 reviews on

Trusted by over 2500+ customers globally

Contact the Microminder Team

Need a quote or have a question? Fill out the form below, and our team will respond to you as soon as we can.

What are you looking for today?

Managed security Services

Managed security Services

Cyber Risk Management

Cyber Risk Management

Compliance & Consulting Services

Compliance & Consulting Services

Cyber Technology Solutions

Cyber Technology Solutions

Selected Services:

Request for

  • Yes, I agree with the storage and handling of my data by this website, to receive periodic emails from microminder cybersecurity related to products and services and can unsubscribe at any time. By proceeding, you consent to allow microminder cybersecurity to store and process the personal information submitted above to provide you the content requested. I accept microminder's Privacy Policy.*

  • This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank You

Thank you

In the meantime, please help our team scope your requirement better and to get the right expert on the call by completing the below section. It should take 30 seconds!

30 seconds!

Untick the solutions you don’t need

  • Untick All

  • Untick All

  • Untick All

  • Untick All
Thank You

What happens next?

Thanks for considering us for your cybersecurity needs! Our team will review your submission and contact you shortly to discuss how we can assist you.

01

Our cyber technology team team will contact you after analysing your requirements

02

We sign NDAs for complete confidentiality during engagements if required

03

Post a scoping call, a detailed proposal is shared which consists of scope of work, costs, timelines and methodology

04

Once signed off and pre-requisites provided, the assembled team can commence the delivery within 48 hours

05

Post delivery, A management presentation is offered to discuss project findings and remediation advice

Under siege: one attack could keep entire cities even, countries in the dark

 
Sanjiv Cherian

Sanjiv Cherian, Cyber Security Director
Aug 31, 2023

  • Twitter
  • LinkedIn

This article is a guidebook to keep the maximum amount of vigilance and security over oil and gas companies. As we explained, cyber attacks on oil & gas facilities hurt the economy. It caught the world economic forum’s attention.

“The World Economic Forum’s Centre for Cybersecurity launched 2020 the Cyber Resilience in Oil and Gas initiative to strengthen cybersecurity across multiple industries. The initiative comprises over 40 public and private organisations working together to drive forward collective action on cyber resilience.” (World Economic Forum) article.

Cyber attacks cost the energy sector 4.72 million per incident. 22% of cyber attacks in oil and gas were related to espionage. (Kizzee) According to Statista.

“There were 21 global ransomware attacks on the oil and gas industry in 2022. It is the 5th industry sector most affected by ransomware in the last year.” (Kizzee) Sangfor Technologies article.

In conclusion, the world runs on energy, and we’re so far from nuclear or electric power, so we use oil & gas. Then when someone gets access to that source and controls it, everybody should be a little scared.

"In mid-February, hackers gained access to computers belonging to current and former employees at nearly two dozen major natural gas suppliers and exporters, including Chevron Corp., Cheniere Energy Inc., and Kinder Morgan Inc., according to research shared exclusively with Bloomberg News” -Bloomberg article- (Jordan Robertson and Sergio Chapa.)

What kind of cyber-attacks do oil & gas companies face, and what damage do they cause?

Cyber-attacks cost oil companies a lot of money yearly, and experts estimate that it will cost the world 10.5 trillion dollars annually. In 2012, Saudi Aramco was under a cyber attack. According to CNN Business, the attack causes so much damage, nearly wiping 35k company computers, forcing Saudi Aramco to revert to pen and paper to keep facing a 50 million dollar extortion.

You’re a technical engineer at an oil facility under Aramco; your facility is responsible for the distribution and processing of oil. You’re proud of your job, and it pays well (After all, you handled a crippling student debt to get this degree after five years of sleepless nights, long study hours, and fusing your rear with the library’s chairs). But in 2012, before the attack happened, you did not know that the oil & gas industry needed security and episodes like this could ever happen. You did not know that there were types of cyber attacks, and every type did or aimed for a goal. Until one guy in your cybersecurity team spoke of them, two of the most important ones destroy systems and ones that hold your system and render it useless until the company pays a ransom. These attacks cost the energy industry 4.7 million dollars per incident.

  • Denial of service.
  • Payment card skimmers.
  • Insider threats.
  • DNS hijacking.
  • Data theft.
  • Email phishing.
  • Industrial espionage.
  • Web-based app attacks.
  • Point-of-sale intrusions.


How are the oil & gas companies vulnerable to cyber-attacks?

Every field of work, since its creation, evolved. We went as a collective humanity from hand-built to tools to industrialised production to now computerised operation, and every field took its approach to this evolution stage. In the Oil & Gas industry, we went from:

Early automation rails, automatic reservoir closing, and opening, for example.
Digital control in the 70s to Supervisory Control and Data Acquisition (SCADA): SCADA systems emerged to ease control and remote access. To facilities connected in a single network, data ranging from material quantity to system faults can be detected and shared between employees in other sister facilities.
Integrated Operations and Digital Oilfields This trend exploded fast because using this system gives the engineers at the facility access to every micro process, from sensors, reservoir models, and advanced analytics to optimise production efficiency and decision-making best.
Now Oil industries have gone so deep into the computerisation of their process to Industrial Internet of Things (IIoT): IIoT technologies, which involve connecting various devices, sensors, and equipment to the Internet. This connectivity enables real-time data collection, remote monitoring, predictive maintenance, and improved asset management. IIoT facilitates enhanced communication and collaboration among different stakeholders in the industry, leading to more efficient operations. Coupled; with robotics and automation. It includes using autonomous drones for inspections, robotic systems for maintenance and repairs, and automated drilling and sound operations processes. In conclusion, the production and internal works of the oil & gas industry are half robotised, and everything is running on its own.

That sounds beautiful and less dangerous, but it opens the door to things so horrid we cannot even begin to fathom. Let’s put it in simple terms when you connect to the Internet, you connect to the whole world, and when you are connected to the world and have access to it, it also has access to you. If that doesn’t scare you, you are very dull with no secrets or exploits, or you are the one that is doing the damage. Cyber attacks are not uncommon, and they happen every day. And that does not exclude the oil & gas industry.


Malware
Malware attacks encompass the utilisation of malevolent software to impair systems, thereby granting unauthorised access to confidential data and information. This category of attacks contains viruses, worms, Trojans, and rootkits, posing significant challenges in their detection and eradication.

Ransomware

Ransomware, a malicious malware, has emerged as a grave cyber threat. Its modus operandi involves encrypting victims’ data, rendering it utterly inaccessible until the company pays a ransom. This devious tactic has proven highly destructive and has become more prevalent recently. Hackers, with their sinister intentions, have targeted many institutions, including hospitals, schools, and businesses. Consequently, victims face a distressing ultimatum: either succumb to the hackers’ demands and make the ransom payment or endure the devastating loss of their valuable data. The pervasive nature of this menace serves as a reminder of the pressing need for robust cybersecurity measures and heightened awareness to combat this growing threat.


What measures do oil conglomerates implement to deal with these threats?

Usually, after such attacks, companies hire external cybersecurity firms to asses the damage and install better prevention and security measures. They are kept under contract to run periodic penetration testing, reinforcement, and risk assessment for the facilities’ infrastructure. And it is best if they are kept under contract for the most extended period possible (let’s be honest, a cybersecurity firm is far more experienced than any other cybersecurity internal team, it is perhaps expensive, but to me, dollars in their pockets are better than 10x the amount in some 16-year-olds gang in some basement in southeast Asia).


How Microminder Cybersecurity is the best solution to secure and ensure maximum security?

We can tell you that from experience and many testimonials from our clients. We cover the most sensitive areas in the oil and gas industry, ranging from:

  • Confidential data
  • Telecom
  • Refineries
  • Pipelines
  • Tank farms
  • Utilities


That is how vulnerable our digital world has become (mainly as a technical engineer in some oil facility, “But this is almost all of the industry”. 99% of our recent pen tests identified vulnerabilities. 59% of them contained critical and high risk. (If not proof, a call with the Microminder team, and you will see it.)
Alright, here’s the plan. It’s a 5 step plan in that you say yes, we do the work.
A strong cybersecurity strategy is crucial for every energy company. That's why our team of experts has devised a comprehensive 5-phase approach to help secure your operations. You can implement proven protections tailored to your unique risks and needs by partnering with us. Our cybersecurity program includes the following:

Evaluation
Our consultants will start by doing a complete examination of your current cybersecurity position, helping to identify any weak areas. We'll review your systems, networks, access controls, and business processes.

Planning & Strategizing
Our team will create a customised cybersecurity plan tailored to your company's needs and challenges based on our assessment findings and recommendations. It will include steps to take if your business suffers a cyberattack.

Execution
Our cybersecurity professionals will assist you in implementing the plan across your systems and ensuring compliance with all relevant regulations. We'll also provide ongoing support as required.

Refinement & Upkeep
As your operations evolve, we'll continue monitoring and upgrading your cybersecurity plan to match changes in the sector.

Reporting
Our cybersecurity advisors will regularly update your cybersecurity status so you're always informed.

Over 800,000 cyberattacks occur globally yearly, making a continuously updated defence strategy critical. Don't delay - contact us today to safeguard your business from the constantly emerging cyber threats.

Well, what do I do now? You might say. Do not worry Microminder CS got you.
We take the risk off your shoulders so you can focus on what matters most. Contact Microminder CS today to learn how we can help protect your business. Start today; you are welcome to the cyber sanctuary Microminder.


Don’t Let Cyber Attacks Ruin Your Business

  • Certified Security Experts: Our CREST and ISO27001 accredited experts have a proven track record of implementing modern security solutions
  • 40 years of experience: We have served 2500+ customers across 20 countries to secure 7M+ users
  • One Stop Security Shop: You name the service, we’ve got it — a comprehensive suite of security solutions designed to keep your organization safe

Unlock Your Free* Penetration Testing Now

 
Discover potential weaknesses in your systems with our expert-led CREST certified penetration testing.
 
Sign up now to ensure your business is protected from cyber threats. Limited time offer!

Terms & Conditions Apply*

Secure Your Business Today!

Unlock Your Free* Penetration Testing Now

  • I understand that the information I submit may be combined with other data that Microminder has gathered and used in accordance with its Privacy Policy

Terms & Conditions Apply*

Thank you for reaching out to us.

Kindly expect us to call you within 2 hours to understand your requirements.