• 10 hours Retail On Pace For Most Bankruptcies And Store Closures Ever In One Year: BDO
  • 10 minutes America Could Go Fully Electric Right Now
  • 1 day Majors Oil COs diversify into Renewables ? What synergies forget have with Solar Panels and Wind Tirbines ? None !
  • 24 mins Clean Energy Is Canceling Gas Plants
  • 6 mins GAME CHANGER: MIT Startup Commonwealth Fusion says Commercial Product by early 2030s ! THIS CHANGES EVERYTHING..
  • 3 hours OP article : "Trump blasts Biden Fracking Plan . . . "
  • 12 mins America's Frontline Doctors - Safely Start Living Again!
  • 6 hours "COVID Kills Another Oil Rally" by Tom Kool 10/16/2020
  • 48 mins Biden denies fracking ban
  • 1 day Vote Biden for Higher Oil Prices
  • 2 days France Sees 10.6% EV Market Share In September — 4× Growth Year On Year
  • 18 mins Conoco Pledges ‘Net-Zero’ Emissions in Break With U.S. Rivals
  • 2 days Tesla Model 3 Is September's Top Selling Car of All Vehicles in Switzerland
  • 2 days TX NATGAS flaring
  • 21 hours A sneak peak into the US election
  • 2 days GPOR - Gulfport Oil - Why?
Oil Prices Slip Again As COVID Cases Surge

Oil Prices Slip Again As COVID Cases Surge

COVID cases are now surging…

Oil Prices Aren’t Going Anywhere Until The Election

Oil Prices Aren’t Going Anywhere Until The Election

Oil prices are almost certainly…

Tsvetana Paraskova

Tsvetana Paraskova

Tsvetana is a writer for Oilprice.com with over a decade of experience writing for news outlets such as iNVEZZ and SeeNews. 

More Info

Premium Content

Hackers Have Ailing Oil Industry In Their Crosshairs

The world has come to a standstill as billions of people are under lockdown, with many businesses closed. But hackers never sleep.     

Opportunistic malicious actors are trying to exploit one of the worst periods in the history of the oil industry, which is struggling with the double shock of the coronavirus pandemic and plunging oil prices.   

While oil and gas firms around the world prepare for ultra-low oil prices, hackers have launched spear-phishing campaigns against oil and gas firms to infiltrate with a spyware for the purpose of collecting sensitive company information and credentials, Bitdefender researchers have found.

Spear-Phishing Campaign Targets US, Malaysian, Iranian Firms 

The spear-phishing campaign did not use as sophisticated spyware as in other cyber attacks. Instead, it was carefully planned and executed with emails using the names of real companies, projects, and events to make the emails look as legitimate as possible, according to Bitdefender analysts.

Companies in many countries, including the United States, Malaysia, Iran, Oman, the UAE, and Saudi Arabia, were targeted with spear-phishing emails purporting to be on behalf of a real oil and gas company in Egypt, state firm Engineering for Petroleum and Process Industries (Enppi).

“Enppi is globally recognized as a major engineering, EPC main contractor, and management contractor, with decades of experience in onshore and offshore projects in the oil and gas, refining and petrochemical industries,” the company says on its website.  

The emails sent in the spear-phishing campaign claim that they are inviting the companies to submit a bid for equipment and materials as part of a real existing project, the Rosetta Sharing Facilities Project.

In reality, Enppi did work on the Rosetta Sharing Facilities Project.

Premium: 2 Stocks To Consider As Oil Nears $15

According to Bitdefender, these details would look convincing enough to an email recipient to open the attachment to send a bid bond for a tender. But opening the attachment actually drops a Trojan spyware.

Hackers Strike While Oil Industry Faces Major Market Challenges

This particular campaign took place at the end of March when Saudi Arabia was promising to flood the world with oil and U.S. President Donald Trump hadn’t yet dropped the comment that the Saudis and Russia would discuss removing 10 million bpd of oil from the market. At that time, oil prices were already crashing and the oil and gas industry started to slash budgets to cope with the low price of oil.

It was, and still is, a time in which the oil industry is already vulnerable to the double market shock of oversupply and plunging demand.

“While the malware payload itself is not as sophisticated as those used in more advanced and targeted attacks, the fact that they’ve been orchestrated and executed during this time, and before the 'historic OPEC+ deal', suggests motivation and interest in knowing how specific countries plan to address the issue,” Bitdefender’s Liviu Arsene writes.

According to Bitdefender researchers, this spear-phishing campaign was focused specifically on the oil and gas industry, unlike other spear-phishing campaigns, which are more comprehensive and involve many sectors.

The researchers also found another recent spear-phishing campaign, in which the hackers – claiming to be a shipping company – used legitimate information about a chemical/oil tanker and industry jargon to trick email recipients at several shipping companies in the Philippines into opening attachments that dropped Trojan spyware.

Cyber Attacks On Energy Industry Grow

Bitdefender’s analysis shows that cyber attacks on companies in the energy industry have been rising since October 2019, suggesting that malicious actors are specifically targeting the oil and gas industry when the market is particularly volatile. The United States and the UK lead the countries in terms of number of energy companies targeted in recent months.

Electric network systems are also a target of attacks. Threats of cyber attacks on North America’s electric network systems are growing, industrial cybersecurity firm Dragos said earlier this year. This year, the firm has identified two groups, Magnallium and Xenotime, which are increasingly probing to compromise electric assets in North America, expanding their targeting from the oil and gas sector to include electric assets.  

According to cybersecurity firm FireEye, “Hacktivists may opportunistically target energy companies in response to perceived controversies.”

The spear-phishing campaigns found by Bitdefender were executed during a turbulent time for the oil and gas industry. No one knows where the bottom for oil prices will be in the coming days, considering that the WTI Crude May futures contract sank to as low as -$37 a barrel this week—with futures dipping into negative territory for the first time ever.

By Tsvetana Paraskova for Oilprice.com

More Top Reads From Oilprice.com:

Download The Free Oilprice App Today

Back to homepage

Leave a comment

Leave a comment

Oilprice - The No. 1 Source for Oil & Energy News