The Cyber Security Threat Facing Oil and Gas Organizations

Within the past year, and even the past month, there has been a drastic increase in cyber attacks against oil and gas organizations. Within the past 30 years, the oil and gas sector has been a main target of these attacks, with one of the most famous being against Saudi Aramco in 2012 by the terrorist organization Cutting Sword of Justice.

This attack was launched to stop the gas production in Saudi Arabia’s largest exporter within the Organization of the Petroleum Exporting Countries (OPEC). While the attack didn’t disrupt production, it affected 30,000 computers and was “one of the most destructive cybersecurity strikes against a single business,” according to the Lockheed Martin Corporation.

After this famous, crippling attack, oil and gas companies realized that it was crucial to evaluate their own security efforts and identify any areas that were lacking for their safety.

Learn more about cyber attacks against the oil and gas industry and find out what you can do to protect your companies.

Creating a Plan of Protection

In an article by Control Engineering, published on February 23, 2016, they stated that according to a report sponsored by Tripwire and conducted by Dimensional Research in November 2015, 82% of oil and gas industry respondents said their organizations registered an increase in successful cyber attacks over the past 12 months. Fifty-three percent of respondents said the rate of the cyber attacks has increased between 50% and 100% in just the past month.

Many people in this report also revealed that they aren’t confident in their organizations’ security or ability to identify the attacks. Tim Erlin, director of security and IT risk strategist at Tripwire, said that the industry should focus on reducing the number of attacks by eliminating threat actors and reducing the overall attack surface.

Oil and gas companies should “look at how they can detect anomalous activity or unauthorized changes in their control environments in order to improve this metric,” Erlin said.

The US Department of Energy’s (DOE) Office of Electricity Delivery and Energy Reliability has made an effort to address the security challenge. According to the DOE, “Ensuring a resilient electric grid is particularly important since it is arguably the most complex and critical infrastructure that other sectors depend upon to deliver essential services.”

The DOE also published the Roadmap to Achieve Energy Delivery Systems Cybersecurity. This plan states that “by 2020, resilient energy delivery systems are designed, installed, operated and maintained to survive a cyber incident while sustaining critical functions.”

The industry is on the hunt for more tools and methods to ensure cyber security for oil and gas companies. As the global market opportunity continues to grow, so are the predicted number of threats. However, this also means that there’s greater opportunity to protect this critical infrastructure.

As an oil or gas company, make sure that you’re prepared for such attacks and that you have a plan for handling them should one occur.

Contact CPV Manufacturing to learn more about their high-quality fittings and valves.