Cyber security has experienced plenty of media airtime recently and these events have made one thing abundantly clear: everyone must be aware of the risks and understand what can be done to mitigate them. This is especially true for oil & gas, an industry that is critical to the global economy. Pre-empting and defending your organisation from attacks is essential if the industry is to work together successfully and protect the ecosystem.
There is a lot that distinguishes the oil & gas industry from other sectors, but when it comes to information security, it is like any other. In line with many other industries, oil and gas companies are seeing an increasing level of convergence as operational environments are getting closer to the enterprise IT environment and by extension, closer to the internet.
This is relevant to all parts of the value stream, from upstream through to the petrol pump. To encompass threats across the sector, we have analysed each step of the supply chain to identify the primary threat actors and what they are targeting, as well as the potential impact of a security breach.
Broadly, the following areas are most likely to be impacted by cyber attack in the oil & gas sector. The infographics below discuss which are most affected at each stage of the process.
The potential risks to exploration & production (E&P) from a cyber attack range from health & safety all the way through to environmental damage. The inherently risky nature of offshore oil & gas exploration & production activity is well known, and this risk is exacerbated by the risk of cyber attack, whether that be nation state led, corporate espionage or even terrorist activity.
The processing and refining of hydrocarbons involves many processes and control systems that could be targeted by a cyber attack. The risk of service disruption and environmental impact is high. Attacks could range from nation state activity or a disgruntled employee through to corporate espionage, with potentially significant financial implications for the victim.
Transportation of hydrocarbons to distribution points and end consumers represents an opportunity for lower level hacktivists and cyber criminals to attack the system. Risks include health & safety, reputational and regulatory as well as financial impacts. At its most basic level, the opportunity could exist for hackers to infiltrate payment systems at a service station, leading to financial losses and potential for identity theft.
As global trading of commodities becomes ever more complex, so too does the opportunity for organised crime, among others, to infiltrate payment systems, CTRM platforms and inventory management systems. The potential exists for those threat actors to gain financially from payment theft through to virtual inventory theft.
The Oil & Gas industry is massively complex, with stakeholders from huge corporate entities through to individuals. There are opportunities throughout the life cycle for threat actors to attack the system, disrupt services, steal information and gain financially from security lapses.
Often the solution to the risk is relatively simple and it is vital that the industry frames its security against the principles of Identify, Protect, Detect, Respond & Recover in order to stay cyber resilient. Balancing security measures, protecting the right things and investing in the ability to detect and respond effectively to challenges will help position organisations to deal with future attacks.
One thing is clear: the threat actors are very often one step ahead, and therefore it is vital that organisations stay vigilant and active in monitoring and responding to the threat of attack.