Understanding Cybersecurity Threats Targeting Oil & Gas Industry
- With the adoption of tech-enabled processes, the Oil & Gas industry has opened up new attack vectors for hackers.
- Its valuable assets and vulnerable cybersecurity defenses have managed to gain the attention of cybercriminals.
Advancing ICS threats
- According to a Deloitte report, almost three-quarters of U.S. Oil & Gas companies faced a cyber incident in 2017. Yet, only a small section cited security risk as a major concern in their annual reports, despite operating thousands of connected device.
- Today, the Industrial Control System (ICS) security threats are on the rise for Oil & Gas companies, notes Dragos, an industrial (ICS/OT) cybersecurity firm, in its report.
- Dragos also identified a new threat group ‘Hexane’ (active since 2018) capable of ICS attacks and currently targeting Oil & Gas and telecommunication facilities in the Middle East, Central Asia, and Africa.
- The researchers from the company believe Hexane could using telecoms as “a stepping stone to network-focused man-in-the-middle and related attacks.”
The surge in ICS security threats against Oil & Gas companies, as experts would conclude, is the result of political conflicts between various nations across the globe. "Over the last year and a half, as tensions have risen around the world, Oil & Gas has become a predominant target," Sergio Caltagirone, Vice President of Threat Intelligence at Dragos, told SearchSecurity.
The report also highlights an Iranian threat group ‘Magnallium’ that was claimed to have launched attacks against US-based targets. "Following recent increasing tensions between the U.S. and Iran, Dragos identified Magnallium activity targeting U.S. government and financial organizations, as well as Oil & Gas companies attempting to gain access to computers at target organizations," the report states.
Top security issues for Oil & Gas
- Employee awareness remains important
- Information security needs board-level attention
- The risk to reputation is rising
- A skilled cyber workforce is essential to keep pace with evolving threats
- The financial impact of breaches is not fully examined
- Lack of reliable intelligence on emerging threats
- Need for a proactive cyber defense strategy
As per researchers, there is presently limited visibility—or observability—into the network ecosystem of the Oil & Gas industry. Understanding the threats and learning how the attacks are executed is critical at this point in time. Attackers’ behaviors and capabilities for targeting oil and gas companies may uncover a few unseen trends and hidden motives behind the attack.
- Protect data in ICS/SCADA environments by opting for a scalable and easy to implement encryption solution to encrypt data enterprise-wide.
- Establish a SOC (Security Operations Center) that controls and operates as a cyber threat detection and response center for all cybersecurity activities.
- Define and deploy policies and keys for user access to data at various levels. It must ensure that only those who need to send/ receive the data get access to do so.
- Hire professional services for threat intel sharing and avoid attacks even before it occurs.
- Lastly, educate or train your employees on cybersecurity.