• 2 days Shell Oil Trading Head Steps Down After 29 Years
  • 2 days Higher Oil Prices Reduce North American Oil Bankruptcies
  • 3 days Statoil To Boost Exploration Drilling Offshore Norway In 2018
  • 3 days $1.6 Billion Canadian-US Hydropower Project Approved
  • 3 days Venezuela Officially In Default
  • 3 days Iran Prepares To Export LNG To Boost Trade Relations
  • 3 days Keystone Pipeline Leaks 5,000 Barrels Into Farmland
  • 3 days Saudi Oil Minister: Markets Will Not Rebalance By March
  • 3 days Obscure Dutch Firm Wins Venezuelan Oil Block As Debt Tensions Mount
  • 3 days Rosneft Announces Completion Of World’s Longest Well
  • 4 days Ecuador Won’t Ask Exemption From OPEC Oil Production Cuts
  • 4 days Norway’s $1 Trillion Wealth Fund Proposes To Ditch Oil Stocks
  • 4 days Ecuador Seeks To Clear Schlumberger Debt By End-November
  • 4 days Santos Admits It Rejected $7.2B Takeover Bid
  • 4 days U.S. Senate Panel Votes To Open Alaskan Refuge To Drilling
  • 4 days Africa’s Richest Woman Fired From Sonangol
  • 5 days Oil And Gas M&A Deal Appetite Highest Since 2013
  • 5 days Russian Hackers Target British Energy Industry
  • 5 days Venezuela Signs $3.15B Debt Restructuring Deal With Russia
  • 5 days DOJ: Protestors Interfering With Pipeline Construction Will Be Prosecuted
  • 5 days Lower Oil Prices Benefit European Refiners
  • 5 days World’s Biggest Private Equity Firm Raises $1 Billion To Invest In Oil
  • 6 days Oil Prices Tank After API Reports Strong Build In Crude Inventories
  • 6 days Iraq Oil Revenue Not Enough For Sustainable Development
  • 6 days Sudan In Talks With Foreign Oil Firms To Boost Crude Production
  • 6 days Shell: Four Oil Platforms Shut In Gulf Of Mexico After Fire
  • 6 days OPEC To Recruit New Members To Fight Market Imbalance
  • 6 days Green Groups Want Norway’s Arctic Oil Drilling Licenses Canceled
  • 6 days Venezuelan Oil Output Drops To Lowest In 28 Years
  • 6 days Shale Production Rises By 80,000 BPD In Latest EIA Forecasts
  • 6 days GE Considers Selling Baker Hughes Assets
  • 7 days Eni To Address Barents Sea Regulatory Breaches By Dec 11
  • 7 days Saudi Aramco To Invest $300 Billion In Upstream Projects
  • 7 days Aramco To List Shares In Hong Kong ‘For Sure’
  • 7 days BP CEO Sees Venezuela As Oil’s Wildcard
  • 7 days Iran Denies Involvement In Bahrain Oil Pipeline Blast
  • 9 days The Oil Rig Drilling 10 Miles Under The Sea
  • 9 days Baghdad Agrees To Ship Kirkuk Oil To Iran
  • 10 days Another Group Joins Niger Delta Avengers’ Ceasefire Boycott
  • 10 days Italy Looks To Phase Out Coal-Fired Electricity By 2025
Alt Text

The Dangers Of A Bullish Oil Market

Geopolitical tensions continue to threaten…

Alt Text

Oil Tycoon Hamm Slams EIA’s Overoptimistic Shale Forecasts

Shale billionaire and chief executive…

Alt Text

Oil Refining Could Become Much Less Lucrative

If the world gets serious…

Zainab Calcuttawala

Zainab Calcuttawala

Zainab Calcuttawala is an American journalist based in Morocco. She completed her undergraduate coursework at the University of Texas at Austin (Hook’em) and reports on…

More Info

The U.S. Oil Patch Has A Serious Cybersecurity Problem

cybersecurity

Cybersecurity firm Symantec reports that dedicated hackers have been able to control operational software at American and European oil and gas companies, according to a new report by CNBC.

The hackers’ tactics include a variant of malicious software we are all familiar with: phish-friendly emails with a malevolent true purpose. So far, companies in the United States, Turkey, and Switzerland have already been targeted by the email campaigns, Symantec said.

Dragonfly is likely the main culprit behind these attacks. The report said a foreign government is hiring the hacker group’s services to target energy hotspots as part of underground geopolitical warfare. The attacks began in late 2015, but have become more frequent, especially during April of this year, Symantec researcher Eric Chien told an interviewer on Wednesday.

A June alert by the U.S. government warned energy companies of an onslaught of new phishing emails designed to gain access to sensitive credentials from mid- to upper-level management teams.

The sophistication of the attacks – and their successes in the U.S. and allied countries – suggests that motivation is “the only step left” between a large-scale attack against the national power grid, Chien said. But his colleagues disagree.

The attacks remain "far from the level of being able to turn off the lights, so there's no alarmism needed," Robert M. Lee, founder of U.S. critical infrastructure security firm Dragos Inc., said in response to the report. The connection between the recent attacks and DragonFly was also “loose,” he added. Related: North Korean Sanctions May Hurt China’s Oil Giants

But even the Dragos wiz can agree that just because the threats identified by Symantec may not necessarily be as dangerous as described, does not mean a real cyberthreat from a foreign government is not real. Dragos itself published a report on risks to the American grid from a Russian cyber-weapon called CrashOverride in June. Dragos’ threat intelligence director Sergio Caltagirone said the report reflected months of research completed after a Slovak anti-virus firm shared their analysis on the virus with their American counterpart.

“Adversaries are getting smarter, they are growing in their ability to learn industrial processes and codify and scale that knowledge, and defenders must also adapt,” the report said.

To date, American preparedness has shielded the country from a major cyberattack. Legislative awareness of the dangers of our brave new digital world continues to increase day-by-day.

“Reliability is reinforced with regular training and events such as the North American grid’s GridEX, where grid operators train for events from hurricanes, to terrorist incidents, to cyber-attacks and how they will respond to such outages,” the Dragos report reads. Related: What Happens If The OPEC Deal Expires?

Still, authorities and citizens must remain vigilant. In the internet age, assaults against electric grids are unlikely to diminish any time soon.

A separate study by Deloitte in June said the energy sector was he second-most prone industry to cyberattacks last year. Almost three-quarters of U.S. oil and gas companies went through at least one cyber incident in 2016, the consulting firm said.

In May, another investigation found that oil and gas companies operating in Texas, and especially those concentrated around Houston, are exposed to major cybersecurity threats as the sheer size of operations and the growing digitalization of the energy industry make it difficult to protect sensitive data.

Study after study finds that key energy assets are especially vulnerable to digital attackers, but only a “handful” of players in the private sector are really ready to defend themselves. Though hurricane season puts fossil fuel companies on high alert for natural disaster-related catastrophes, it is time the big players take a serious look at the storm that may be brewing within their own computer systems.

By Zainab Calcuttawala for Oilprice.com

More Top Reads From Oilprice.com:




Back to homepage


Leave a comment

Leave a comment




Oilprice - The No. 1 Source for Oil & Energy News