• 5 minutes China Faces Economic Collapse
  • 8 minutes ZeroHedge: Oil And Gas Bankruptcies To Accelerate As $137 Billion Debt Matures Over Next Two Years
  • 11 minutes Trump Will Win In 2020
  • 14 minutes Oil Production Growth In U.S. Grinds To A Halt
  • 42 mins Drone attacks cause fire at two Saudi Aramco facilities, blaze now under control
  • 8 mins Never Bring A Rapier To A Gun Fight
  • 9 hours The Belt & Road Initiative: A Wolf in Sheep's Clothing?
  • 1 hour Ethanol, the Perfect Home Remedy for A Saudi Oil Fever
  • 3 hours One of the fire satellite pictures showed what look like the fire hit outside the main oil complex. Like it hit storage or pipeline facility. Not big deal.
  • 7 hours USAvChina.com
  • 12 hours Aramco Production
  • 38 mins Democrats and Gun Views
  • 1 hour Lest We Forget... A Brief Timeline of China's Modern History
  • 13 hours Trump vs. Xi Trade Battle, Running Commentary from Conservative Tree House
  • 56 mins Iran in the world market
  • 2 hours Visualizing US Oil & Gas Production (Through May 2019)
  • 12 hours Oil Slide Worries Traders. *relax* This Should Get Sorted by Year End.
Alt Text

Shale Slowdown Takes Its Toll On Oil & Gas Jobs

US oil production continues to…

Alt Text

Is It Time To Go Long On Natural Gas?

Buying natural gas futures in…

Jen Alic

Jen Alic

 

More Info

Premium Content

Cyber Update: Pipelines, China and Lax Security Standards

The Department of Homeland Security (DHS) has identified China as the possible origin of an ongoing cyber attack targeting US gas pipeline companies, and specifically a group that managed to hack into RSA security in 2011.  

The cyber attack could be a continuation of the “Night Dragon” attack in February 2011 on McAfee computer security firm, which was also traced back to China. The objective of that attack was to obtain financial data from oil and gas companies. 

Chinese officials deny that there is any evidence that the cyber attack is coming “directly” from China.

At the same time, US officials have announced that they will be working together with Chinese defense officials on cyber security issues to “avoid any miscalculation or misperception that could lead to crisis in this area”. This new cooperation deal follows Washington’s public accusation last year that China was stealing sensitive high-tech data for economic gain.

The cyber investigation also coincides with a survey released by Carnegie Mellon University CyLab, showing that US energy infrastructure is the least prepared for cyber attacks, while financial institutions are the best prepared in terms of cyber security standards.

The CyLab 2012 survey is based upon results received from 108 respondents at the board or senior executive level from Forbes Global 2000 companies. The survey found that “boards are not actively addressing cyber risk management”, and there is still a “gap in understanding the linkage between information technology (IT) and enterprise risk management.”

Specifically, the survey notes that fewer than two-thirds of the companies had full-time personnel in key privacy and security roles “in a manner that is consistent with internationally accepted best practices and standards”.

One of the most troubling aspects of the survey was how the energy sector rated in terms of cyber security—not well at all, in fact, the worst. According to the survey, energy and utilities sector respondents indicated that their boards “never” address vendor management issues.

Among other revelations, the survey noted that “the energy/utilities sector also places a much lower value on board member IT experience than the other sectors, which is puzzling since their operations are so dependent upon complex supervisory control and data acquisition (SCADA) systems.”

The survey and the investigation into the ongoing cyber attack are come against the backdrop of a legislative battle over cyber security standards and information-sharing. In late April, the House of Representatives pass the Cyber Intelligence Sharing and Protection Act (CIPSA), but the President is threatening to veto that bill, on the recommendation of the White House Office of Management and Budget. 

While in vetoing the bill President Obama appears to come out on the side of privacy advocates who oppose CIPSA, the real criticism of the bill is that it fails to obligate companies in charge of critical infrastructure to engage in some very costly cyber security standardizations.

By. Jen Alic of Oilprice.com

Jen Alic is a geopolitical analyst, co-founder of ISA Intel in Sarajevo and Tel Aviv, and the former editor-in-chief of ISN Security Watch in Zurich.




Download The Free Oilprice App Today

Back to homepage



Leave a comment

Leave a comment




Oilprice - The No. 1 Source for Oil & Energy News
Download on the App Store Get it on Google Play