WannaCry attack brings cybersecurity to front, center for upstream oil industry

Alex Endress, World Oil
5/22/2017

The upstream oil and gas industry should take notice of the WannaCry ransomware attack that hit companies across the globe last week, holding valuable proprietary data hostage unless the organizations agreed to pay off the hackers in Bitcoin, for safe return of the information.

The hackers accessed the data by breaking through vulnerabilities in outdated Windows software, and while users scrambled to respond—or risked losing the data forever—industrial controls in places like hospitals and automotive factories were brought to a standstill. In the energy sector, PetroChina had to respond to how the malware put  down electronic payment systems at retail gas stations. While there was no significant news of the attack’s impacts on major upstream oil and gas operations, companies like Petrobras took remedial measures, such as disconnecting corporate computers from the Internet.

And though the upstream industry was seemingly safe this time, it might not be so lucky in the future. In fact, there’s already a precedent for attacks that have specifically targeted the industry, including an attack on the Baku-Tbilisi-Ceyhan pipeline in Turkey, during 2008. This attack allowed hackers to hyper-pressurize the pipeline, and shut off alarms and communications that would have allowed personnel to respond. The resulting explosion disrupted a connection between the Caspian Sea and the Mediterranean that had transported more than 2 Bbbl of oil before the explosion, and it also caused a 30,000-bbl oil spill into an area above a water aquifer, according to Bloomberg. The spill apparently cost operator BP and partners, including Chevron and Statoil, millions in transit tariffs.

Even more warning signs come from industrial attacks outside the oil industry. In 2010, a malicious computer worm called Stuxnet targeted an Iranian nuclear facility. The program entered the facility through programmable logic controllers (PLCs). It collected industrial data from the PLCs, and then caused the nuclear facility’s industrial centrifuges to spin out of control and destroy themselves.

The oil and gas industry is not immune to these risks. Whether the motivation is a criminal’s monetary gain, a competing government’s geopolitical strategy, or even what some call “hacktivism,” there are plenty of reasons why cyber criminals might attack anything from an E&P company’s office in Houston, to a deepwater drilling rig operating in the Gulf of Mexico. There are significant monetary and safety implications for such an attack. Companies’ proprietary data could be accessed and stolen. Corrupt software could leak form a crewmember’s personal device onto the vessel’s control system through a USB port, and ruin it. Hackers could even gain limited access to a rig’s controls, if said controls are connected to the Internet.

These looming possibilities shouldn’t be taken lightly. As upstream operations continue to become digitalized processes, improving efficiency through big data analytics, optimizing equipment operation with machine learning, and turning manual tasks into automated tasks with algorithms, the risks become more likely and significant. The time to fortify security is now. World Oil has covered myriad solutions, from multinational corporations, and from smaller, specialized firms. API is also holding its 12th Annual Cybersecurity Conference for the Oil & Natural Gas Industry on Nov. 7 in The Woodlands, Texas—a good place to learn about the matter, for certain.

The onus is not only on E&P companies, but everyone involved in the process, including the oilfield service companies, drilling contractors and OEMs. Collaboration is possible, and necessary, to make the industry safe from cybercrime. Don’t let your company become the one that we read about on the front page after a cyber attack.

To view the blog from World Oil's sister publication, Hydrocarbon Processing, focused on current events in the downstream oil and gas sector, click here.

The Authors ///

Alex Endress Alex.Endress@worldoil.com

Comments ///

comments powered by Disqus