• 4 minutes USGS Announces Largest Continuous Oil Assessment in Texas and New Mexico
  • 10 minutes IT IS FINISHED. OPEC Victorious
  • 16 minutes GOODBYE FOREIGN OIL DEPENDENCE!!
  • 32 mins Paris Is Burning Over Climate Change Taxes -- Is America Next?
  • 18 hours The Great Climate Change Swindle
  • 4 hours End of EV Subsidies?
  • 8 hours Price Decline in Chinese Solar Panels
  • 5 hours Maersk's COO statment.
  • 2 hours Trump accuses Google Of Hiding 'Fair Media' Coverage of him
  • 1 day S. Australia showing the way
  • 19 hours China Builds LNG Icebreaker
  • 1 day More OPEC Members May Leave
  • 22 hours Exxon buys green power.
  • 5 hours EPA To Roll Back Carbon Rule On New Coal Plants
  • 2 days Not only GM: Morgan Stanley Predicts Ford to Cut 25,000 Jobs in Overhaul
  • 1 day Feudalism: The Most Resilient System?

Oil Industry Neglected Cybersecurity During The Downturn

Transmission lines

Striving to adapt to the lower-for-longer oil prices with cost cuts, oil companies put investment into boosting cybersecurity on the back burner during the worst of the oil price plunge in 2015 and 2016, while hackers grew increasingly inventive and bolder, security experts told the Houston Chronicle.

The projects to strengthen the networks and systems against cyber attacks did not receive the necessary attention and funding, and today most security teams are still short of staff or technology to effectively monitor and prevent cyber attacks, the experts said.

During an oil price slump, “projects, capabilities and needs that aren’t exactly on top of mind go to the bottom of the pile,” Paul Berger Jr., a cybersecurity professional at Baker Hughes, now part of GE, told the Houston Chronicle.

However, in recent months it has become evident that critical U.S. energy infrastructure—including pipelines and refineries—have been targeted by state-sponsored hackers.

Yet, according to the experts who spoke to the Houston Chronicle, there is little evidence of a U.S. political push in Congress to tackle the cybersecurity issues, and the U.S. still lacks regulation on cybersecurity standards in the oil and gas industry, the way it has for nuclear, power, and chemicals.

Recent cyber attacks have alerted the U.S. administration and last month it sanctioned Russian cyber actors, saying that “Since at least March 2016, Russian government cyber actors have also targeted U.S. government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.”

Related: Three Takeaways From OPEC's Latest Report

More recently, at least seven natural gas pipeline operators were the victims of hackers that targeted third-party communications system Latitude Technologies, causing service disruptions and breakdowns in electronic communications with customers.

Baker Hughes’ Berger told the Houston Chronicle that the oil and gas industry has to do better because hacker groups “could cause the United States a lot of grief, and a lot of grief in a hurry.”

According to a 2017 U.S. oil & gas cybersecurity study by Ponemon Institute sponsored by Siemens, 68 percent of respondents said their organisation had experienced at least one cyber compromise. A total of 67 percent of respondents believe the risk level to industrial control systems over the past few years has substantially increased because of cyber threats. Sixty-six percent believe that oil and gas companies are benefiting from digitalization, but that it has also significantly increased cyber risks. Only 45 percent of respondents say their organisation has the internal expertise to manage cyber threats, the study found.

By Tsvetana Paraskova for Oilprice.com

More Top Reads From Oilprice.com:



Join the discussion | Back to homepage

Leave a comment

Leave a comment

Oilprice - The No. 1 Source for Oil & Energy News
-->