Oil and gas companies operating in Texas, and especially those concentrated around Houston, are exposed to major cybersecurity threats as the sheer size of operations and the growing digitalization of the energy industry make it difficult to protect sensitive data.
An investigation from the Houston Chronicle cites figures from Homeland Security, which reveal 350 cybersecurity incidents at companies operating in the area for the period between 2011 and 2015. In total, Homeland Security identified 900 security flaws in U.S. oil and gas companies in the period, making the energy industry the worst performer in cybersecurity.
The vast concentration of refineries, pipelines and petrochemical plants around Houston makes the area especially attractive for trade spies and hackers. At the same time, the huge network of sensors and controls is vulnerable to attacks precisely because of its size and complexity.
However, a lot of oil and gas facility operators simply don’t have the technology and personnel means to equip their facilities with adequate hack controls. The equipment in use was designed during times when cybersecurity was not even conceived of and it has been upgraded with the addition of computer connectivity without considering the risks that go with that connectivity.
In fact, the situation is so serious, according to a cybersecurity expert quoted by the Houston Chronicle, that a hacker can blow up a tanker or “mess with” the operations of a refinery.
Related: U.S. Shale Production Growing At An Unprecedented Pace
While every industry is nowadays a target of cyberattacks, the energy industry, as law firm Bracewell advisors note, is particularly vulnerable: its operations can be targeted by environmental, religious and political opponents, who can not just inflict damage on costly equipment but also injure and kill people, too.
The message from the experts – cybersecurity and legal – seems to be that oil and gas companies need to up their game and invest more in cybersecurity. Cyberattacks, the Bracewell lawyers say, are inevitable, and as such need to be addressed adequately, in light of the potentially disastrous consequences of a major hack attack.
By Irina Slav for Oilprice.com
More Top Reads From Oilprice.com:
Irina is a writer for the U.S.-based Divergente LLC consulting firm with over a decade of experience writing on the oil and gas industry.