Hacktivist Group Threatens Attack on Global PetChem Companies

Petrochemical companies with well-defined incident response programs are best positioned to mitigate the possible cyberattack announced for Friday by hacktivist group AnonGhost.

AnonGhost has threatened to disrupt petrochemical company operations in the United States, Germany, Russia, China, Kuwait and Saudi Arabia. ThreatTrack Security CEO Julian Waits told Rigzone that major companies such as Exxon Mobil Corp. and Royal Dutch Shell plc are likely targets. United Arab Emirates-based companies Adnoc and Enoc are among potential targets, Gulfnews.com reported Thursday.

The hacktivist group is targeting companies that use U.S. currency in evaluating crude oil. It is unknown whether AnonGhost will target SCADA systems, trading, or other assets, just that they will look for vulnerabilities to exploit and “pull on the thread as hard as they can to make the garment split,” ThreatTrack Security CEO Julian Waits told Rigzone.

The group has gone after other political causes – including pharmaceutical companies over why they aren’t creating more drugs to treat HIV – in an effort to expose secrets that they believe major companies and governments are conspiring to hide from the public.

AnonGhost was one group that companies participating in a recent ThreatTrack survey said they viewed as a threat, said Waits, noting that the group “has always delivered on what they said they would do”. The fact that companies surveyed view AnonGhost as a threat may have sped things up and bring a potential attack to fruition.

Ironically, the group offers on its website tips on how to ward off or mitigate a cyberattack by AnonGhost, Waits noted.

What can companies do to ward off or mitigate an attack? It comes down to the brass tacks of security and risk management 101, said Waits. Companies should identify what their most critical assets are, and create a quick, precise strategy for protecting those assets.

If the attack is actually launched, petrochemical companies should have their IT and security resources on heightened alert not just for the next 24 hours but the next 72 hours, monitoring networks and searching for anomalous file movements that can be traced to a specific user. In some cases, shutting down the internet connection for specific assets might be a solution, unless it’s a system for collecting money, such as credit card information at a gas pump.

Companies also should be on the lookout for a potential attack that might not have an immediate effect, but could impact things down the road. Waits pointed to the attack on U.S. retailer Target – which resulted in credit card information and data for millions of customers being hacked – as a long slow attack. The attack wasn’t specifically targeted for Target, but hackers got lucky and ended up turning a weakness into an opportunity over a six to seven month period.

Analyst: Pipeline Projects Key for Canada
to Win N. America Oil Export Race
by Matthew V. Veazey

US Approves BP Drone
Surveys Of Alaskan Oilfields
by Reuters

Oklahoma: Preparing to Become an
Oil Producing Powerhouse
by Gene Lockard