cyber attacks in oil and gas industry

Commerce Secretary Gina Raimondo said the pipeline fix was a top priority for the Biden administration and Washington was working to avoid more severe fuel supply disruptions by helping Colonial restart as quickly as possible its more than 5,500-mile (8,850 km) pipeline network from Texas to New Jersey. From oil and gas to wind, solar and hydrogen, Houston is world-renowned for its talented workforce and technological innovations in the energy industry.”. INFO The malware-based attack affected 30,000 workstations and took the Saudi Arabian company more than a week to resolve. Colonial said it was working with a "leading, third-party cybersecurity firm," but did not name the company. Aside from these, espionage is something the industry has to defend itself against as well. Drivers can work extra or more flexible hours to make up for any fuel shortages. We believe that limited strategic appreciation and sponsorship at a boardroom level—rather than lack of technical know-how—explain the industry’s … As if gasoline prices weren’t already high enough, a cyber attack on the Colonial Pipeline system could cause them to move even higher along the Atlantic Coast and into the Northeast. Colonial said on Sunday its main fuel lines remain offline but some smaller lines between terminals and delivery points are now operational. President Biden declared a state-of-emergency Sunday night after a foreign cyber attack forced a precautionary shutdown of the Colonial Pipeline system, … However, the industry’s march toward interconnectedness has outpaced its cyber maturity, making it a prime target for cyber-attacks. In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems. In a media statement issued late Friday, the Colonial Pipeline Company announced that it had “...learned it [is] the victim of a cybersecurity attack. (AP Photo/Pat Sullivan). About a decade ago, Iran was blamed for an attack on the computer systems of Saudi Aramco, one of the world’s largest oil producers, that destroyed 30,000 computers. Gasoline prices along the Atlantic Coast and the U.S. northeast spiked as shortages materialized as a result of the shutting-in of the line. Throughout the oil and gas production… Cyber Attack Shuts Down Vital Fuel Pipeline To Northeast U.S. Equinor Blazes A Renewable Path, But Can Other Oil Companies Follow? , held its event in a virtual manner earlier this year, but the organizers of OTC and NAPE’s “Synergy in Energy” combined event are planning to revive the in-person format while using appropriate precautions as the ongoing situation related to COVID might dictate in August. The emergency declaration means rules are relaxed for drivers transporting fuel and petrol in 18 states. The Colonial gasoline pipeline runs from Houston through the southern and Atlantic Coast states and makes deliveries all the way up to New York Harbor, delivering as much as 45% of the gasoline supply along its route. David Blackmon is an independent energy analyst/consultant based in Mansfield, TX. Cybersecurity Culture Is Limited. "It's an all-hands-on-deck effort right now," Raimondo told CBS' 'Face the Nation' programme. The attack is one of the most disruptive digital ransom schemes reported and has prompted calls from American lawmakers to strengthen protections for critical US energy infrastructure from hacking attacks. David has enjoyed a 39-year career in the oil and gas industry, the last 23 years of which were spent in the public policy arena, managing regulatory and legislative issues for various companies, including Burlington Resources, Shell, El Paso Corporation, FTI Consulting and LINN Energy. More than 65,000 people and 2,000 exhibitors representing more than 110 countries attend the four-day conference. In addition to client-related work, David also maintains a growing media communications practice. It's also the latest … Read more on weforum.org. Contractors such as electricity plants that serve your organization are often not aware of cyber risks and introduce vulnerability into your networks. He attended Texas A&I University and The University of Texas, earning B.A. David Blackmon is an independent energy analyst/consultant based in Mansfield, TX. In the Colonial attack, the hackers took more than 100 gigabytes of data, according to a person familiar with the incident. As the FBI and other government agencies worked with private companies to respond, the cloud computing system the hackers used to collect the stolen data was taken offline Saturday, the person said. Cybercrime: Insurance giant Axa to stop covering ransomware payments in France, Belgium's parliament and universities hit by cyber attack, What is ransomware? This is especially true for oil & gas, an industry that is critical to the global economy. “The key drivers for oil & gas companies in regards to cyber security are industry standards and regulations, steep increase in cyber-attacks in the industrial space, need to leverage digital solutions to optimise production to offset cost pressures and resource limitations, and remote connectivity accelerated because of Covid-19 and future contingency planning.” CERA Week, organized by IHS Markit If organizers are able to pull it off, the holding of this major combined event would represent a welcome return to some semblance of normalcy as America and the industry try to move past the COVID-caused disruption. A massive cyber attack on a US oil pipeline, believed to be carried out by DarkSide, has knocked Colonial Pipeline offline. in accounting in 1979. As of early Saturday morning, the company said it is “... taking steps to understand and resolve this issue” but does not know how long its system will be shut in. 80% of senior cybersecurity leaders see ransomware as a dangerous growing threat that is threatening our public safety. Responses to cyber attacks must be multilayered, repelling the most common attacks, with a nuanced approach for advanced and emerging threat vectors. DarkSide is a ransomware gang that extorts victims and claims it donates a portion of its money to charity. There have been also attacks that are related to … The US government invoked emergency powers on Sunday after a top oil pipeline was hit by one of the worst ever cyberattacks. The oil and gas industry is well aware of potential threats, and is rising up to tackle cyber security issues by creating joint programs and initiatives. During this time, David has led numerous industry-wide efforts to address a variety of issues at the local, state and federal level, and from April 2010 through June 2012, he served as the Texas State Lead for America’s Natural Gas Alliance. You may opt-out by. 7 | Drilling Deep: A Look at Cyberattacks on the Oil and Gas Industry Threats The biggest threats the oil and gas industry have to worry about are those that have a direct negative impact on the production of their end products. New research published today by Kaspersky examines a rise in the number of cyber-attacks on industrial control system (ICS) computers used by the oil and gas industry. Oil and Gas Cyber Attacks: The case of the Canadian oil and gas company Our first step was to check for systems that control or monitor H2S, and are exposed to the internet. “As the energy capital of the world, Houston continues to be a central hub convening the best and brightest minds to solve some of the most complex energy issues facing our generation,” said Sylvester Turner, Mayor of Houston. This content is not available in your region, Cyber attack on a US oil pipeline blamed on a cybercriminal gang could spark a fuel shortage. Colonial's data did not appear to have been transferred from that system anywhere else, potentially limiting the hackers' leverage to extort or further embarrass the company. Brian Lord … Opinions expressed by Forbes Contributors are their own. In recent years, events show that the energy and oil sectors are among the most vulnerable sectors. Here are six principles to improve the cybersecurity of critical infrastructure. Oil rises 1 per cnt after cyber attack forces closure of U.S. fuel 'jugular' pipeline; From Amazon to Tata, Reliance to Vedanta, industry steps up to combat coronavirus; Coal India's fuel allocation through spot e-auction rises 43 pc in FY21; Asian Development Bank to end coal, oil and gas financing - draft statement Fuel pipeline operator Colonial Pipeline was knocked offline by a cybercriminal gang on Friday and forced to shut a critical fuel network supplying the east coast. More than 65,000 people and 2,000 exhibitors representing more than 110 countries attend the four-day conference. They work by gaining access to private networks, encrypting files using software, and often also steal data. two major oil and gas industry annual conferences. This is surprising to me as I would have thought the bulk would be aimed at financial institutions, because that’s where the money is. Cyber attacks in the oil and gas industry can threaten an organisation’s information technology (IT), its operational technology (OT) and any internet of things (IoT) systems in place. Shutdown of US pipeline after cyber-attack prompts worry over gas prices. Even in a very technological culture, cybersecurity remains a niche … If the Colonial system remains shut-in for any extended period of time, prices could rise even further just as the country begins to move into the annual summer driving season, when gas prices tend to rise due to increased demand. It's also the latest reminder that both the frequency and severity of catastrophic digital shocks on critical infrastructure are on the rise. (AP Photo/Pat Sullivan), The Leukemia & Lymphoma Society BrandVoice, The Next Step | Small Business Video Series, Biden Should Get Republicans On Board With His Energy Investment Package, Capturing Methane From Oil And Gas Operations Is Doable And Profitable, Expert Recommendations On Nuclear Waste May Fall On Deaf Ears – Yet Again, The Colonial Pipeline Attack Is A Major National Security Incident, Texas Grid Set To Remain Vulnerable To Blackouts As Legislative Session Winds Down. Cyber Attack Halts Colonial Pipeline Operations; Analysts Raise 2021 Oil Price Forecast; Oil and Gas Industry Success Fuels Energy Transition; Chevron Awards GOM Services Contract; Texas Oil … Every activity in the oil and gas sector is exposed to risks, also due to cyber security vulnerabilities. The same trend was discovered at play in the building … Oil industry rattled by cyber-attack on US gas pipeline. If one of these attacks were to succeed, it … Cyber crime terms explained, Cyber attack in Finland hits email accounts of MPs and parliament, New hacking scams - Here's how to avoid them, Second-biggest cryptocurrency Ethereum soars above record $4,000 mark, How a cyber attack on a US oil pipeline could spark a fuel shortage, How EU funding is changing the face of Latvian innovation, NFT: Blockchain is transforming the way we buy and sell digital art. Infrastructure sabotage, insiders, ransomware and malware are the biggest threats facing the oil and gas industry. Prior to 2020, when both conferences had to be cancelled due to the COVID pandemic, these two events, along with CERA Week, attracted thousands of visitors to Houston every year, generating millions in economic impact. Cyber security in oil and gas 14/09/17 Cyber security has experienced plenty of media airtime recently and these events have made one thing abundantly clear; everyone must be aware of the risks and understand what can be done to mitigate them. We have contacted law enforcement and other federal agencies.”. The investigation into the hacking is in its early stages but a former US official and three industry sources said the hackers are suspected to be a professional cybercriminal group called DarkSide. © 2021 Forbes Media LLC. Sustained low oil prices are driving the adoption of digitization across the oil and gas industry, ramping up the stakes for cybersecurity. Risks come from all sides: extreme weather can affect transportation, politics (global and local) can impact production, and physical attacks on infrastructure can actually threaten worker safety and even impact the world’s oil supply. Messages left with the DarkSide hackers by Reuters were not immediately returned. With all these concrete risks, seemingly intangible cyberattacks … Oil; Security; Pipelines; Oil & Gas Industry; Cyber-attacks We used some of the famous scanners like Shodan , Binary Edge , and Censys for that mission, with the banal term “H2S”. The oil and gas industry should brace itself for the increased risk of cyber attacks from hostile states, the former Deputy Director of GCHQ has warned. The US Department of Homeland Security tries to keep tabs on cyber activity and believes that over 50% of all cyber attacks from 2015 to 2019 have been aimed at energy infrastructure (power, oil, and gas). The text or links to all of David’s writings and podcasts can be found at www.dbdailyupdate.com. Visitors to the annual Offshore Technology Conference in Houston walk through the exhibits ... [+] Wednesday, May 4, 2011. David has enjoyed a 39-year career in the oil and gas industry, the last 23 years of. The last major disruption of the line took place following 2017’s Hurricane Harvey, the severe flooding from which caused the shutdown of the Houston-area refineries that provide most of Colonial’s daily supply. A cyber attack at facility can occur at any point across the three major stages of oil and gas operations: upstream, midstream or downstream. US gasoline futures jumped more than 3 per cent to $2.217 (€1.82) a gallon, the highest since May 2018, as trading opened on Monday and market participants reacted to the closure. The company is working to restore its service. Steve Forbes, Government Cyber Security Expert at Nominet commented on the domino effect of CNI attacks on this scale: “The declaration of a state of emergency due to a cyber-attack could become the new normal. OTORIO supply-chain risk management suite helps you identify these threats and helps you put the best safety practices in place … During previous Colonial outages, retail prices in southeastern states have risen substantially. A cyber-attack on the world’s largest oil company, Saudi Aramco in 2012, caused the shutdown of tens of thousands of the company’s servers. The oil and gas industry has been at risk of losing competitive advantage in several areas, including exploration information or bidding information, by way of intellectual property theft at the hands of a cyber threat adversary. Mining, transportation, refining, distribution—the oil and gas industry has a widespread and complicated production chain that can be difficult to comprehensively defend. Past attacks against this industry have proved the value of risk management and riskbased security policies for stakeholders. Oil and gas organizations work with third-party contractors, who might be a source of malicious or accidental cyber incidents. Over the years, there have been many cyber security attacks on the offshore oil and gas sectors including the tilting of oil rigs, malware-infected platforms, industrial control systems being hacked. They then demand payment to decrypt the files and increasingly ask for additional money not to publish stolen content. The group's dark website, where hackers regularly post data about victims, made no reference to Colonial Pipeline. Microsoft allowing EU clients to keep all data activity within Europe Cyber Attacks on the Rise in the Oil and Gas Industry: Experts Published October 4th, 2017 - 01:04 GMT The oil and natural gas business could be the next big industry targeted by cyber criminals. That attack… Wednesday, May 4, 2011. All Rights Reserved, This is a BETA experience. Experts, including the American Automobile Association (AAA), have warned that if the outage lasts several days it could have a significant impact on regional fuel supplies. "We are working closely with the company, state and local officials, to make sure that they get back up to normal operations as quickly as possible and there aren't disruptions in supply". Since Election Day 2020, the average nationwide price for a gallon of gasoline has shot up by 78 cents. A Charlotte Douglas International Airport spokesperson said the airport had supply on-hand and was "monitoring the situation closely," adding that the complex is supplied by another major pipeline as well as Colonial. The recent cyber-attack on the US major oil and gas pipeline could become one of the most expensive attacks to an economy. Colonial transports roughly 2.5 million barrels per day of gasoline and other fuels from refiners on the Gulf Coast to consumers in the mid-Atlantic and southeastern United States. David has enjoyed a 39-year career in the oil and gas industry, the last 23 years of Read More David Blackmon is an independent energy analyst/consultant based in Mansfield, TX. Over the first six months of 2020, the percentage of systems attacked in the oil and gas industry increased when compared to the same time period last year. “Houston is proud to safely and responsibly host OTC and NAPE and demonstrate our city’s continued leadership in energy and the energy transition. Neither Raimondo nor the company gave an estimate for a full restart date. The upstream oil and gas industry is fast evolving, whereby automation, digitalization, and IoT technology are rapidly integrating into the complex operational ecosystem. Upon learning of the issue, a leading, third-party cybersecurity firm was engaged, and they have already launched an investigation into the nature and scope of this incident, which is ongoing. Oil and Natural Gas Cyber Threats Individuals responsible for the cyber-attacks against the oil and gas industry differ, as do their purposes, motives, and methods. The group says it does not attack post-soviet states not hospitals, educational or government targets. The recent cyber-attack on the US major oil and gas pipeline could become one of the most expensive attacks to an economy. This translates to just over 5 million sophisticated attacks each day. How can Europe’s fishing industry reduce its reliance on plastic. With the largest fuel pipeline in the US grinding operations to a halt due to a ransomware attack, the attack on Colonial is likely to have a ripple effect across the globe. In another sign of our COVID-impacted times, two major oil and gas industry annual conferences held in Houston each year have decided to join forces. The populous states affected include Alabama, Florida, New York, Texas, and Virginia. military aggression to cyber threats, the oil and gas sector is a high-profile target for adversaries intent on disrupting production, intercepting sensitive data, and crippling national and global economies. Over 20 percent of the total attacks are directed towards upstream companies with up to 7 percent of the attacks targeting exploration activities exclusively. Its extensive pipeline network serves major US airports, including Atlanta's Hartsfield Jackson Airport, the world's busiest by passenger traffic. How Goal uses technology to help vulnerable communities. Colonial declined to comment on whether DarkSide hackers were involved in the attack, when the breach occurred or what ransom they demanded. Organizers of the Offshore Technology Conference (OTC) and the NAPE Summit announced recently that they will hold their conferences back-to-back in August, and that attendees will be able to purchase registration passes that will provide full access to both events. Actors may steal intellectual property through these compromises, and He is currently Associate Editor for Shale Magazine (www.shalemag.com), a contributor on energy-related matters at Forbes.com, and a feature writer for World Oil Magazine. Adverse incidents, both intentional and unintentional, can affect individuals, businesses, and society as a whole. The recent cyber-attack on the US major oil and gas pipeline could become one of the most expensive attacks to an economy. Some of the most dangerous forms of cyber-attacks are those that target critical infrastructure such as oil and gas facilities, or nuclear plants. He is the resident energy expert on the "In The Oil Patch" radio program, and executes frequent public speaking engagements around the state of Texas and at conferences. In the last 9 months, cyber attacks on global oil and gas companies have grown significantly. Holding tanks at a Colonial Pipeline facility in Linden, New Jersey.