Cyber Security in Oil and Gas Industry
As the Canadian oil and gas industry expands to cater for demand, the adoption of modern technology is key to the industry’s efficiency and increased productivity. However, with this increased dependence on computers and digital technology to manage and run the oil and gas industry, the risk of cyber-attacks has also increased.
Recent vulnerabilities, such as Heartbleed, have made it clear that the industry and even the government, must be ready for any attacks against their IT and web infrastructure. The risk of these attacks comes from different sources, each one having its own intention; some of which are to target the gas and oil production companies. Reports show that in 2012, 41% of the malware attacks were targeted at oil and gas companies, which was a 600% increase compared to 2010. The attacks directed at the oil and gas production industry have been noted to come from the three main sources discussed below.
State Sponsored Cyber-Attacks
The main risk linked to malware and virus attacks in the oil and gas industry comes from state sponsored sources. Today, many countries have stressful relations among neighbouring and other countries, prompting some to attempt the disruption of oil and gas production in those countries. A perfect example of this kind of cyber-attack was experienced by Saudi Aramco, which saw a computer virus named “Shamoon” wipe out data from 30,000 of the oil and gas company’s computers. However, it did not stall oil and gas production by Saudi Aramco, but it is considered a perfect example of state sponsored cyber-attacks.
Hacktivists are people who use computers and computer networks to raise awareness and perform demonstrations regarding different issues and topics. They use digital technology to create awareness regarding different concerns, but can also hack in to computer systems with the intention of stalling oil and gas production. The biggest threat to the Canadian oil and gas industry comes from environmental hacktivists who are constantly attempting to disrupt the expansion and production of oil and gas fields.
Globally, terrorism has become a common term and has many people constantly looking over their shoulder. The Canadian oil and gas industry isn’t immune from terrorist attacks either. Being a western country, Canada must remain vigilant to avoid any terrorist cyber-attack which could cripple or destroy their oil and gas industry.
The threats to the Canadian oil and gas industry can only be expected to increase in the near future and simply developing anti-virus and anti-malware software may not be the ultimate solution. To improve security, it’s important that the Canadian oil and gas companies consider developing their own unique computer operating systems. They can do this by performing penetration tests (Pentests) to uncover any weaknesses, making them less vulnerable to attacks. The energy sector is the second most targeted sector by cyber-attacks, making it a major concern for the industry to develop an effective and lasting defense against cyber-crime.