This post is also available in: heעברית (Hebrew)

Oil and gas companies are considerable targets of cyber attacks by cybercriminals as well as state-sponsored hackers and hacktivists each day who threaten the infrastructure security. The number of attacks worldwide against Oil and gas industry systems is constantly growing for both sabotage and cyber espionage. The monetary loss caused by the theft of intellectual property and damages caused by malicious agents such as malware has also increased.

Offshore oil rig. Illustration  photo (Wikimedia Commons, courtesy of Agencia Brasil)
Offshore oil rig. Illustration photo (Wikimedia Commons, courtesy of Agencia Brasil)

According to Security Affairs, the Gulf States oil and gas sectors are considered too vulnerable to cyber attacks due to the high penetration level of technology for control of critical processes. One of the most popular incidents to occur in the energy industry is related to Shamoon malware, a virus that infected nearly 30,000 computers in the network of the petroleum producer Saudi Aramco.

Security experts believe that Shamoon malware was, in reality, a cyber weapon designed by Iranian cyber units to hit the energy industry. Saudi Aramco wasn’t unique as an energy company to be hit by a cyber attack, Qatar’s RasGas was also attacked by hackers.

Between July and September, Kaspersky Lab researchers detected 1.2 million internet-borne malware incidents on computers in the UAE, affecting 26.4 per cent of users. Protection of the energy infrastructure is a shared problem. A cyber attack could have a serious repercussion on the environment, for instance imagine damage to a nuclear facility or to a refinery.

IHLS – Israel Homeland Security

In July, US ICS-CERT issued a new Monitor report that revealed a surge of brute force attacks against control systems mainly belonging to the energy sector. Data collected by the CERT revealed that 53% (111) of attacks hit the energy industry mainly targeting control systems, the hackers adopted various techniques including wateringhole attacks, SQL injection, and spear phishing.

Just a month before the attack Anonymous conducted a campaign dubbed OpPetrol the hacktivists protested against the West’s domination of the world’s resources. They were against the energy sector for the adoption of US dollars as the base currency for oil exchange, fortunately the attacks didn’t have serious consequences.

The majority of cyber attacks against the energy sector may go undetected. In many cases the attackers could spy on victims for a long period of time collecting precious information for further attacks. Malicious code used to compromise networks belonging to the energy industry are designed to go undetected. Chinese hackers are considerably the most dangerous persistent threat against the energy sector.

Targeted attacks can cost a firm up to US$2.4 million in damages, according to a report issued by Kaspersky Lab. This comes despite the alarming scenario that companies still consider security as an area to reduce costs. US Senator Mr. McConnell revealed that about 5 to 10 per cent of a company’s IT budget should be spent on cybersecurity.

Russia, US and UK have the most robust cybersecurity systems in the world, but their governments are aware of the risks related to cyber attacks and the need to continue to invest to protect the energy sector and in particular critical infrastructure.