• 3 minutes Nucelar Deal Is Dead? Iran Distances Itself Further From ND, Alarming Russia And France
  • 5 minutes Don Jr. Tweets name Ukraine Whistleblower, Eric Ciaramella. Worked for CIA during Obama Administration, Hold over to Trump National Security Counsel under Gen McCallister, more . . . .
  • 9 minutes Shale pioneer Chesepeak will file bankruptcy soon. FINALLY ! The consolidation begins
  • 12 minutes China's Blueprint For Global Power
  • 2 hours EU has already lost the Trump vs. EU Trade War
  • 1 day Crazy Stories From Round The World
  • 1 day Science: Only correct if it fits the popular narrative
  • 1 min Everything You Need To Know About Trump
  • 2 days Iran Burning: Shock Gas Price Hike Triggers Violent Protests After Subsidy Cuts
  • 10 hours Pope Proposes New Sin: Thou Shalt Not Destroy The Harmony Of The Environment
  • 18 hours IEA predicts oil demand will grow annually at 1 million barrels a day for the next 5 years
  • 2 days Atty General Barr likely subpeona so called whistleblower and "leaker" Eric Ciaramella
  • 3 hours Water, Trump, and Israel’s National Security
  • 1 day Impeachment Nonsense
  • 20 hours ‘If it saves a life’: Power cut to 1.5 million Californians
  • 2 days What are the odds of 4 U.S. politicians all having children working for Ukraine Gas Companies?
  • 2 days Who writes this stuff? "Crude Prices Swing Between Gains, Losses"
Alt Text

All Eyes On OPEC As Another Oil Glut Looms

As its semi-annual meeting nears,…

Alt Text

Vigilante Offers $100,000 Bounty To Hack Oil & Gas Companies

A well-known vigilante hacker offered…

Alt Text

U.S. Shale Production To Double Despite Struggles

U.S. shale is facing plenty…

Jen Alic

Jen Alic

 

More Info

Premium Content

Cyber Update: Pipelines, China and Lax Security Standards

The Department of Homeland Security (DHS) has identified China as the possible origin of an ongoing cyber attack targeting US gas pipeline companies, and specifically a group that managed to hack into RSA security in 2011.  

The cyber attack could be a continuation of the “Night Dragon” attack in February 2011 on McAfee computer security firm, which was also traced back to China. The objective of that attack was to obtain financial data from oil and gas companies. 

Chinese officials deny that there is any evidence that the cyber attack is coming “directly” from China.

At the same time, US officials have announced that they will be working together with Chinese defense officials on cyber security issues to “avoid any miscalculation or misperception that could lead to crisis in this area”. This new cooperation deal follows Washington’s public accusation last year that China was stealing sensitive high-tech data for economic gain.

The cyber investigation also coincides with a survey released by Carnegie Mellon University CyLab, showing that US energy infrastructure is the least prepared for cyber attacks, while financial institutions are the best prepared in terms of cyber security standards.

The CyLab 2012 survey is based upon results received from 108 respondents at the board or senior executive level from Forbes Global 2000 companies. The survey found that “boards are not actively addressing cyber risk management”, and there is still a “gap in understanding the linkage between information technology (IT) and enterprise risk management.”

Specifically, the survey notes that fewer than two-thirds of the companies had full-time personnel in key privacy and security roles “in a manner that is consistent with internationally accepted best practices and standards”.

One of the most troubling aspects of the survey was how the energy sector rated in terms of cyber security—not well at all, in fact, the worst. According to the survey, energy and utilities sector respondents indicated that their boards “never” address vendor management issues.

Among other revelations, the survey noted that “the energy/utilities sector also places a much lower value on board member IT experience than the other sectors, which is puzzling since their operations are so dependent upon complex supervisory control and data acquisition (SCADA) systems.”

The survey and the investigation into the ongoing cyber attack are come against the backdrop of a legislative battle over cyber security standards and information-sharing. In late April, the House of Representatives pass the Cyber Intelligence Sharing and Protection Act (CIPSA), but the President is threatening to veto that bill, on the recommendation of the White House Office of Management and Budget. 

While in vetoing the bill President Obama appears to come out on the side of privacy advocates who oppose CIPSA, the real criticism of the bill is that it fails to obligate companies in charge of critical infrastructure to engage in some very costly cyber security standardizations.

By. Jen Alic of Oilprice.com

Jen Alic is a geopolitical analyst, co-founder of ISA Intel in Sarajevo and Tel Aviv, and the former editor-in-chief of ISN Security Watch in Zurich.




Download The Free Oilprice App Today

Back to homepage



Leave a comment

Leave a comment




Oilprice - The No. 1 Source for Oil & Energy News
Download on the App Store Get it on Google Play