Blog

Cyberthreats to oil and gas companies in APAC and Middle East rise significantly

By |

Oil and gas companies in APAC (Vietnam, Malaysia, Thailand, and India) and the Middle East (UAE, Saudi Arabia, and Kuwait) are advised to be on their guard as the cyber threat levels have risen significantly in the last 10 days. Not only have the number of cyberattacks increased but the quality of the attacks and the malware we are coming across are also significantly on the higher side of evolution. The rising attacks point to a coordinated effort by various hackers to create widespread disruption across supply chains.

These cyberattacks are targeting OT installations, IoT devices, and their associated networks. These include SCADA systems, HMI units, valve and flow control in pipelines and refineries, remote temperate and safety management systems, gas scrubber controls, and various metering systems.  

Further, hackers are showing extraordinary interest in field production systems, financial information, exploration and bidding documents, server configuration, and in intercepting internal communication among staff members.  

Oil and gas companies, therefore, need to urgently take the following measures to improve their cybersecurity posture.

  • Run tabletop exercises to stress test systems, processes, and response mechanisms  
  • Check for missed patch updates and update all systems immediately  
  • Conduct regular vulnerability scans  
  • For critical systems, network activity reports should be analyzed even if no anomalies were reported  
  • Work with multiple sources of threat intelligence
  • Conduct a cybersecurity self-assessment exercise to identify gaps and opportunities for improvement  
  • Keep the incident response team on standby for the next 14 days in a high state of readiness  
  • IoT and OT security plans must be revisited to improve them  
  • Increase awareness on phishing and on reporting rogue insider activity  
  • Remote access credentials for offshore and other remote facilities should be reset  
  • Recommend employees to only use unique passwords for all assets  
  • More attention should be paid to HVAC and health and safety systems as these could be targeted separately by hackers  
  • Add new KPIs to the overall plant and facility cybersecurity measures 
  • Communication equipment and pipeline controls are another set of equipment that needs urgent attention    
  • Follow all regulatory guidelines and those issued by US CISA, NIST, and other agencies promptly  

To understand how oil and gas companies are being targeted by global hackers, connect with our cybersecurity experts here: Connect with Sectrio

Learn how Sectrio is securing a complex IoT and OT environment for a large Oil and Gas entity in the middle east. Read Case Study

Reach out to us to learn about specific strategies to protect your organization.

Learn about easy to deploy compliance kits to help your regulatory compliance initiatives.   

Sectrio is offering its threat intelligence feeds for trial for free for 15 days. Our feeds work with the best SIEM solutions out there and meet all the parameters listed above. To access our threat intelligence feeds for free, sign up now.

Talk to our cybersecurity experts to learn how Sectrio’s IoT security solution and threat intelligence can help your business

See how our OT-IoT-IT security solution can handle such threats to your enterprise. Book a no-obligation demo. 

Improve your cybersecurity through ot and iot focused threat intelligence feeds free for 15 days
Cyberthreats to oil and gas companies in APAC and Middle East rise significantly - Sectrio

Get access to enriched IoT-focused cyber threat intelligence for free for 15 days  

Ot and iot security standards and best practices for ciso's
Cyberthreats to oil and gas companies in APAC and Middle East rise significantly - Sectrio

Download our CISO IoT and OT security handbook  

Gain insights from the largest ot and iot focused honeypot network - sectrio
Cyberthreats to oil and gas companies in APAC and Middle East rise significantly - Sectrio

Access our latest Global Threat Landscape report  

Share:
Prayukth K V has been actively involved in productizing and promoting cross eco-system collaboration in the emerging tech and cybersecurity domains for over a decade. A marketer by profession and a published author, he has also proposed and promoted critical infrastructure protection strategies that rely on in-depth threat research and deflection strategies to deceive hackers and malware. Having been at the frontlines of cyber securing infrastructure, Prayukth has seen cyberattacks and defense tactics at close quarters.

Subscribe to Newsletter

Related Posts

Protect your IoT, OT and converged assets with Sectrio