Rising attacks on oil and gas infrastructure call for revamping cybersecurity practices


After the recent cyberattacks on two oil suppliers in Germany, oil and gas infrastructure in two more European nations was targeted by hackers in the last two days. Such attacks have created a wave of operational disruption that has extended in some instances to Africa, which gives an idea of the scale of these cyberattacks.

What could be driving these cyberattacks on Oil and Gas entities?

  • Data stolen in past cyberattacks that is being repurposed to re-target key systems
  • Large scale targeted phishing campaigns using stolen email lists
  • Experienced APT actors who have extensively conducted multiple reconnaissance runs undetected thereby harvesting 
  • Reports are emerging about the use of BlackCat ransomware. This is a relatively new and sophisticated ransomware connected with ransomware-as-a-service operations run by some hacker groups. These attacks involve waves of data locking and DDoS attacks
  • Lack of patching and adequate vulnerability management efforts

While there is very little information to figure out the exact reasons, one can certainly point to many cybersecurity weaknesses that are common to most, if not all, oil and gas industry players. These include:

  • Reduced network visibility during some phases of critical operations, thereby opening a window for hackers to exploit
  • Networks with interconnected devices are not segmented into separate zones and conduits
  • Unpatched vulnerabilities
  • Existence of many OT systems and sub-systems that are running with little or no cybersecurity cover
  • Use of untested (from a cybersecurity point of view) IoT devices
  • Oil and gas operations have scaled significantly in the last decade. However, the cybersecurity methods and practices followed by the industry are yet to evolve to cover this growth
  • Some upstream operations such as exploration operate with a basic level of security. Hackers use these operations to enter interconnected networks through laterally moving malware 
  • Unsecured remote operations in offshore sites
  • In instances where barge and terminal operations are integrated or connected to some extent, malware can be injected in either to target the other
  • Use of shared passwords and lack of multi-factor authentication (MFA) for key connected assets
  • Lack of regular VAPT and cybersecurity drills to sensitize employees  

With continuing geopolitical tensions, oil and gas companies in countries across Europe and the Middle East will be on the radar of hackers for a long time. Each successful attack will also feed more attacks in the future and keep these companies vulnerable for a while.

To tackle such challenges, cybersecurity goals should be integrated into the overall institutional culture, and employees should be sensitized about their role in securing critical systems and infrastructure. Learn how a large Oil and Gas entity is using Sectrio’s capabilities in securing IoT and OT assets. Read the case study here: Securing IoT and OT assets for a large Oil and Gas company

Try our rich IoT and OT-focused cyber threat intelligence feeds for free, here: IoT and OT Focused Cyber Threat Intelligence

Planning to upgrade your cybersecurity measures? Talk to our IoT and OT security experts here: Reach out to sectrio.

Visit our compliance center to advance your compliance measures to NIST and IEC standards: Compliance Center


Prayukth K V has been actively involved in productizing and promoting cross eco-system collaboration in the emerging tech and cybersecurity domains for over a decade. A marketer by profession and a published author, he has also proposed and promoted critical infrastructure protection strategies that rely on in-depth threat research and deflection strategies to deceive hackers and malware. Having been at the frontlines of cyber securing infrastructure, Prayukth has seen cyberattacks and defense tactics at close quarters.
