Most Common Oil and Gas Cybersecurity Threats

We are currently in the middle of a technological revolution, and the signs are all around us. Go ahead and name any tech buzz word such as the Internet of Things, Big Data, or Artificial Intelligence, and it will definitely be related to so many industries out there. Here, however, we’re not going to talk about the new opportunities, but we’ll be warning you about emerging threats.

Integration and automatization have exposed many industries to new threats and vulnerabilities, and the oil and gas industry is no exception. It has never been more important to protect critical infrastructures due to the increase in cybersecurity threats in the oil and gas industry.

According to research conducted by ABI, the oil and gas industry has been gearing up against cyber threats by taking some preventative measures. The report illustrates how a cumulative $1.87 billion has been spent against cybersecurity threats in the oil and gas industry. Even though this is the case, most of the players in the industry still lack awareness and can easily fall victim to dangerous cyber-attacks.

What Could Possibly Happen?

The possible consequences of a cyber-attack highly depend on the cybercriminal’s aims. An example can be state-backed hackers or competitors that are interested in attaining or revealing important information held by the victim companies. Sabotage, on the other hand, is a whole new problem and is usually the aim of hacktivists – such as the case of #OpPetrol operation back in 2013.

The Possible Risks of a Successful Attack

Some of the risks that can be faced by victims of a successful cyber-attack can include the following:

1. Plant shutdowns
2. Equipment damages
3. Interruption of utilities
4. Shutdowns of production cycles
5. Inappropriate or inconsistent product qualities
6. Undetected spills
7. Violations of safety measures which could result in injuries or even death

Hackers Can Break Into Operational Technology (OT) Networks

A computer worm called Stuxnet has been known to target PLCs or the industry’s programmable logic controllers along with SCADA systems. This was a wake-up call for so many industries other than the oil and gas industry because the worm had been designed in this way.

The general idea of cyber-attacks of this nature is quite simple. Applications in enterprises such as Enterprise Resource Planning systems or even Business Intelligence systems are usually connected with a large number of devices in plants. This is done with the help of some integration technologies that are used to transfer data across platforms such are smart devices. If these connections are not secured, such as the connections between OT and IT environments, then refineries are most definitely vulnerable to cyber-attacks.

Oil Market Fraud

Imagine if a cybercriminal uploaded malicious software into a system which has the ability to change stock information for oil and gas companies. An example can be the case where malware had the ability to fake certain types of data and make quantities appear much larger than they really are.

Once this occurs, the victim company will easily run out of production resources and hence fail to satisfy its respective obligations. As a result, the malware would have wreaked havoc and caused the company to experience huge losses while driving the oil price much higher.

Plant Destruction

In the production units of oil and gas companies, tank gauging systems and tank information management systems are connected. Some of these are equipped with functionalities that allow them to send individual commands to PLCs, which in turn are placed to control the filling of tanks.

When cybercriminals make their way to this information, nothing can prevent them from changing its critical values. How is this dangerous? Well, a cybercriminal could easily engineer an oil explosion by simply increasing the maximum filling limits of individual oil tanks.

In a similar manner, there are numerous processes in refineries and oil separation units that can be open to potential attacks via their burner management systems. These systems are not only meant to send information, but they are also designed in a manner to be managed remotely via special intermediate systems and business applications. Vulnerabilities in these remote operations can easily be compromised leading to the worst-case scenario of a plant explosion by simply turning off the purge functionalities.

Equipment Sabotage

Remote plant equipment is usually at risk of data manipulations as well. This can be in terms of pressure or temperature measurements and hackers could easily implant false forms of data which show breakdowns have occurred in remote facilities. This would then lead the victim refinery to waste their financial resources and time in false investigations.

The takeaway from all of the above may sound banal, but it is the ugly truth. The newest technological features and booming usage of the Internet of Things have simplified our lives quite a lot, but have also brought ahead some new risks. Now, it’s not only a question of the vulnerabilities of the people who use the Internet of Things or even electric skateboards. Every critical infrastructure that is connected to these technologies should take the threat seriously.

It is now time for oil and gas companies to realize that there are no gaps between OT and IT systems and that there are certain business applications that exchange critical information with devices. Due to this, these companies should seriously consider cybersecurity and setting strong lines of defense against possible attacks.