Contrary to popular belief that the oil and gas industry is not among the top targets of hackers, energy was the second-most prone industry to cyber-attacks last year, with almost three-quarters of U.S. oil and gas companies going though at least one cyber incident, consultancy Deloitte said in a report released on Monday.
The growing data connectedness and digitalization of operations with digital oil fields and smart fields have “opened up an altogether new landscape of attack vectors for hackers by connecting upstream operations in real time,” Deloitte says.
Despite the increased interconnectedness and smarter technologies, only a “handful” of energy companies have cited cyber attacks and breaches as a major risk in their latest annual reports. Many U.S. oil and gas drillers are bundling cyber risks together with other risks such as labor disputes or civil unrest, according to Deloitte.
Of the three major stages of the upstream business, exploration is the least vulnerable to cyber attacks, because the first two operations—seismic imaging and geological and geophysical surveys—have a closed data acquisition system. Exploratory and appraisal drilling has a higher risk profile, but includes many elements of the development stage, which is especially exposed to cyber threats. The actual production operations are at the highest risk of cyber incidents, mostly due to the “legacy asset base, which was not built for cybersecurity but has been retrofitted and patched in bits and pieces over the years,” Deloitte says. Related: Underperforming Energy Sector May Soon See M&A Wave
Just last month, an investigation found that oil and gas companies operating in Texas, and especially those concentrated around Houston, are exposed to major cybersecurity threats as the sheer size of operations and the growing digitalization of the energy industry make it difficult to protect sensitive data.
An investigation from the Houston Chronicle cites figures from Homeland Security, which reveal 350 cybersecurity incidents at companies operating in the area for the period between 2011 and 2015. In total, Homeland Security identified 900 security flaws in U.S. oil and gas companies in the period, making the energy industry the worst performer in cybersecurity.
By Tsvetana Paraskova for Oilprice.com
More Top Reads From Oilprice.com:
- The Eagle Ford Rebound Needs $48 Oil
- OPEC Not In A Hurry To Cut Deeper
- Gloomy Outlook Sees Hedge Funds Turns Bearish On Oil