Under siege: one attack could keep entire cities even, countries in the dark

“The World Economic Forum’s Centre for Cybersecurity launched 2020 the Cyber Resilience in Oil and Gas initiative to strengthen cybersecurity across multiple industries. The initiative comprises over 40 public and private organisations working together to drive forward collective action on cyber resilience.” (World Economic Forum) article.

Cyber attacks cost the energy sector 4.72 million per incident. 22% of cyber attacks in oil and gas were related to espionage. (Kizzee) According to Statista.

“There were 21 global ransomware attacks on the oil and gas industry in 2022. It is the 5th industry sector most affected by ransomware in the last year.” (Kizzee) Sangfor Technologies article.

In conclusion, the world runs on energy, and we’re so far from nuclear or electric power, so we use oil & gas. Then when someone gets access to that source and controls it, everybody should be a little scared.

"In mid-February, hackers gained access to computers belonging to current and former employees at nearly two dozen major natural gas suppliers and exporters, including Chevron Corp., Cheniere Energy Inc., and Kinder Morgan Inc., according to research shared exclusively with Bloomberg News” -Bloomberg article- (Jordan Robertson and Sergio Chapa.)

What kind of cyber-attacks do oil & gas companies face, and what damage do they cause?

Cyber-attacks cost oil companies a lot of money yearly, and experts estimate that it will cost the world 10.5 trillion dollars annually. In 2012, Saudi Aramco was under a cyber attack. According to CNN Business, the attack causes so much damage, nearly wiping 35k company computers, forcing Saudi Aramco to revert to pen and paper to keep facing a 50 million dollar extortion.

You’re a technical engineer at an oil facility under Aramco; your facility is responsible for the distribution and processing of oil. You’re proud of your job, and it pays well (After all, you handled a crippling student debt to get this degree after five years of sleepless nights, long study hours, and fusing your rear with the library’s chairs). But in 2012, before the attack happened, you did not know that the oil & gas industry needed security and episodes like this could ever happen. You did not know that there were types of cyber attacks, and every type did or aimed for a goal. Until one guy in your cybersecurity team spoke of them, two of the most important ones destroy systems and ones that hold your system and render it useless until the company pays a ransom. These attacks cost the energy industry 4.7 million dollars per incident.

• Denial of service.
• Payment card skimmers.
• Insider threats.
• DNS hijacking.
• Data theft.
• Email phishing.
• Industrial espionage.
• Web-based app attacks.
• Point-of-sale intrusions.

How are the oil & gas companies vulnerable to cyber-attacks?

Every field of work, since its creation, evolved. We went as a collective humanity from hand-built to tools to industrialised production to now computerised operation, and every field took its approach to this evolution stage. In the Oil & Gas industry, we went from:

Early automation rails, automatic reservoir closing, and opening, for example.
Digital control in the 70s to Supervisory Control and Data Acquisition (SCADA): SCADA systems emerged to ease control and remote access. To facilities connected in a single network, data ranging from material quantity to system faults can be detected and shared between employees in other sister facilities.
Integrated Operations and Digital Oilfields This trend exploded fast because using this system gives the engineers at the facility access to every micro process, from sensors, reservoir models, and advanced analytics to optimise production efficiency and decision-making best.
Now Oil industries have gone so deep into the computerisation of their process to Industrial Internet of Things (IIoT): IIoT technologies, which involve connecting various devices, sensors, and equipment to the Internet. This connectivity enables real-time data collection, remote monitoring, predictive maintenance, and improved asset management. IIoT facilitates enhanced communication and collaboration among different stakeholders in the industry, leading to more efficient operations. Coupled; with robotics and automation. It includes using autonomous drones for inspections, robotic systems for maintenance and repairs, and automated drilling and sound operations processes. In conclusion, the production and internal works of the oil & gas industry are half robotised, and everything is running on its own.

That sounds beautiful and less dangerous, but it opens the door to things so horrid we cannot even begin to fathom. Let’s put it in simple terms when you connect to the Internet, you connect to the whole world, and when you are connected to the world and have access to it, it also has access to you. If that doesn’t scare you, you are very dull with no secrets or exploits, or you are the one that is doing the damage. Cyber attacks are not uncommon, and they happen every day. And that does not exclude the oil & gas industry.

Malware attacks encompass the utilisation of malevolent software to impair systems, thereby granting unauthorised access to confidential data and information. This category of attacks contains viruses, worms, Trojans, and rootkits, posing significant challenges in their detection and eradication.

Ransomware

Ransomware, a malicious malware, has emerged as a grave cyber threat. Its modus operandi involves encrypting victims’ data, rendering it utterly inaccessible until the company pays a ransom. This devious tactic has proven highly destructive and has become more prevalent recently. Hackers, with their sinister intentions, have targeted many institutions, including hospitals, schools, and businesses. Consequently, victims face a distressing ultimatum: either succumb to the hackers’ demands and make the ransom payment or endure the devastating loss of their valuable data. The pervasive nature of this menace serves as a reminder of the pressing need for robust cybersecurity measures and heightened awareness to combat this growing threat.

What measures do oil conglomerates implement to deal with these threats?

Usually, after such attacks, companies hire external cybersecurity firms to asses the damage and install better prevention and security measures. They are kept under contract to run periodic penetration testing, reinforcement, and risk assessment for the facilities’ infrastructure. And it is best if they are kept under contract for the most extended period possible (let’s be honest, a cybersecurity firm is far more experienced than any other cybersecurity internal team, it is perhaps expensive, but to me, dollars in their pockets are better than 10x the amount in some 16-year-olds gang in some basement in southeast Asia).

How Microminder Cybersecurity is the best solution to secure and ensure maximum security?

We can tell you that from experience and many testimonials from our clients. We cover the most sensitive areas in the oil and gas industry, ranging from:

• Confidential data
• Telecom
• Refineries
• Pipelines
• Tank farms
• Utilities

That is how vulnerable our digital world has become (mainly as a technical engineer in some oil facility, “But this is almost all of the industry”. 99% of our recent pen tests identified vulnerabilities. 59% of them contained critical and high risk. (If not proof, a call with the Microminder team, and you will see it.)
Alright, here’s the plan. It’s a 5 step plan in that you say yes, we do the work.
A strong cybersecurity strategy is crucial for every energy company. That's why our team of experts has devised a comprehensive 5-phase approach to help secure your operations. You can implement proven protections tailored to your unique risks and needs by partnering with us. Our cybersecurity program includes the following:

Our consultants will start by doing a complete examination of your current cybersecurity position, helping to identify any weak areas. We'll review your systems, networks, access controls, and business processes.

Our team will create a customised cybersecurity plan tailored to your company's needs and challenges based on our assessment findings and recommendations. It will include steps to take if your business suffers a cyberattack.

Our cybersecurity professionals will assist you in implementing the plan across your systems and ensuring compliance with all relevant regulations. We'll also provide ongoing support as required.

As your operations evolve, we'll continue monitoring and upgrading your cybersecurity plan to match changes in the sector.

Our cybersecurity advisors will regularly update your cybersecurity status so you're always informed.

Over 800,000 cyberattacks occur globally yearly, making a continuously updated defence strategy critical. Don't delay - contact us today to safeguard your business from the constantly emerging cyber threats.

We take the risk off your shoulders so you can focus on what matters most. Contact Microminder CS today to learn how we can help protect your business. Start today; you are welcome to the cyber sanctuary Microminder.