Protecting Oil and Gas from cyberattack

September 20, 2022

A recent report from Dragos on the Oil & Gas sector in the Middle East reveals the emerging threat from cybercriminals

The Oil and Gas sector in the Middle East is one of the most dominant of its kind in the world, occupied with some of the largest reserves and companies contributing from all four corners of the globe. A large percentage of the Middle Eastern economy is dependent on this prospering source of trade and fuel. However, heavy is the head that wears the crown: being such a colossal source of commerce makes you a glaring target for malicious ne’er-do-wells, especially in the evolving and lawless cyberscape. Oil and Gas companies must respond accordingly to be able to defend themselves against cybercriminals, after only having to defend from physical malcontents for many years.

Cybersecurity experts Dragos Inc. published a report last year outlining the many issues the Oil & Gas industry face in the current climate, as well as action points needed to meet the challenge of evolving malicious technologies. Dragos’s International Channel Leader, Mayank Verma, looked further into this in an attempt to dispel any myths surrounding cyber defence of critical infrastructure that are preventing them from taking sufficient action.

The report, titled Oil & Natural Gas Cyber Threat Perspective: For the Gulf Cooperative Council Region, published in November 2021, “assesses with high confidence that adversaries pose a high risk of causing small-scale Operational Technology (OT) environment disruptions with moderate confidence that adversaries could cause large-scale OT disruption within the Gulf Cooperative Council (GCC) region during the next year”.

The reasons given in the report included:

An increase in the number of attacks against Oil and Natural Gas (ONG), including disruptive events that can occur at any stage within ONG operations (upstream, midstream and downstream).
The significant increase in ransomware attacks.
The increased focus instate-sponsored cyber activity.
It’s continued significance as a high value target.

According to the report, “Ransomware remains the preeminent threat to Information Technology (IT) and OT environments. Ransomware attacks can disrupt production if OT is not properly segmented from IT systems. These disruptions have led to significant financial loss, damage, and reputational damage in the region.

“Dragos assesses that the biggest cybersecurity issues asset owners currently face are a lack of asset visibility into their network and weak network authentication controls. Without asset visibility organisations are unable to properly secure their OT environments because defenders cannot protect what they cannot see.

“Industrial Control Systems (ICS) adversary groups (AG) that focus on ONG and the energy sector at large pose the most OCS cyber security risk to the GCC regional ONG industry. Important risks include: intrusions enabling intelligence gathering and data theft; and cyber events that align with the economic interests of hostile states that rely on the ONG vertical.”

To read more news and exclusive features see our latest issue here.