Report: Oil & Gas Cybersecurity Risks to Continue in 2015

Rigzone speaks with Booz Allen Hamilton on how cybersecurity issues will continue to impact the oil and gas industry in 2015.

The oil and gas industry’s need to prepare for cyberattacks will not abate in 2015 as attacks continue to grow in number and sophistication.

Over the past 30 years, the oil and gas sector has been the target of well-known cyberattacks. One of the most famous was launched against Saudi Aramco in 2012 by the terrorist organization, Cutting Sword of Justice. The group launched the attack to stop oil and gas production in Saudi Arabia’s largest exporter within the Organization of the Petroleum Exporting Countries (OPEC), according to a white paper by Lockheed Martin Corporation.

The attack crippled 30,000 computers and disrupted Saudi Aramco for months.

“The attack on Saudi Aramco ultimately failed to disrupt production, but was one of the most destructive cybersecurity strikes against a single business,” according to Lockheed Martin. “More importantly, this attack echoed the need for oil and gas companies to evaluate the importance of a cyberthreat landscape with regard to attacks and uncovered vulnerabilities.”

Another recent example of cybersecurity threats facing the oil and gas industry is the attack on Mexico’s state energy company Petroleos Mexicanos (Pemex) by Iran-backed cyberattackers, Bloomberg reported Dec. 2. Hackers working for Iran have targeted at least 50 companies and government organizations, including commercial airlines, looking for vulnerabilities that could be used in physical attacks, Bloomberg quoted cybersecurity firm Cylance Inc. as saying.

Estimates vary, but the number of cyberattacks is on the rise. Lockheed Martin quoted reports by Symantec, which reported a 91 percent increase in targeted attack campaigns in 2013. This includes a 62 percent rise in the number of breaches. In the United States alone, IBM reported an estimated 1.5 million monitored cyberattacks occurred in 2013, a 12 percent year-to-year increase in security events.

Last year, McLean, Virginia-based consulting firm Booz Allen Hamilton outlined the cybersecurity trends it anticipated would shape the oil and gas industry in 2014. The firm has released an update on what kind of cybersecurity trends would impact the industry in 2015.