Leon Panetta, the US Secretary of Defence, recently made the strong declaration that the US is at risk of a “cyber Pearl Harbour”. He claims that the vast increase in cyber-attacks that are being directed at companies around the world are all leading to the possibility of a surprise attack which could take control of key control systems, causing widespread blackouts, damage to power plants, and knocking out the electricity grid.
Panetta confirmed that “we know of specific instances where intruders have successfully gained access to these control systems. We also know they are seeking to create advanced tools to attack those systems and cause panic, destruction, even loss of life.”
Early last year several large international oil companies, including the likes of ExxonMobil, Royal Dutch Shell, BP, ConocoPhillips, and Marathon Oil, suffered an attack from China, which the security firm McAfee described as “not sophisticated … were very successful in achieving their goals.”
Then in May of this year the Department of Homeland Security revealed a string of attacks on the computer networks of natural gas companies. Again in June hackers broke into a smart meter monitoring system and reportedly reduced all the consumption readings.
Saudi Aramco has recently been the subject of a massive attack which destroyed over 30,000 of its computers; and RasGas, the second largest LNG producer in the world, was also hit.
Related Article: Cyber Update: Pipelines, China and Lax Security Standards
The frequency and success of the attacks show that the world’s biggest companies have many weaknesses in their cyber defences. In a survey Price Waterhouse Cooper found that 46% of corporations were worried about the level of their cyber security.
Some believe that the attacks on Saudi Arabia and Qatar originate in Iran and are in retaliation for the Stuxnet virus which was released by the US on Iran’s nuclear facilities, where it caused uranium centrifuges to spin out of control and break.
There is concern that Iran has reverse engineered Stuxnet so that they can send it back to the West, and break gas turbines, of electricity generators.
At a discussion panel hosted by the US Chamber of Commerce, Donald Paul, the director of the Univ. of Southern California Energy Institute, said that corporations are only as strong as their weakest link. “Typically in Chevron, for any kind of complex operation, it would not be uncommon [to have] 1,000 suppliers. Well if I were interested in doing harm, why would I charge the main fort, which you know is well defended? What you need to do is define the weak supplier that gets led in the front door.”
Panetta has said that in order to combat this threat the DoD wants to unleash military cyber-shock troops on the hackers, only when under direct instructions from, the president.
By. Charles Kennedy of oilprice.com
Charles is a writer for Oilprice.com