The oil and gas industry and its supply chain face increased cybersecurity risks from advanced threat groups and others as they continue to build out digitally connected infrastructure, Trend Micro reveals.
The latest in-depth report draws on insights into almost a decade’s worth of cyberattacks against the sector, finding geopolitics and espionage motivate attackers targeting the oil and gas industry. While these attacks are not always sophisticated, they are often targeted and impact production, which can cause real-world damage.
“Industrial cybersecurity is not hopeless. We sometimes forget that in complex environments with appropriate security controls, the attacker is the one who has to get everything right,” said Bill Malik, vice president of infrastructure strategies for Trend Micro.
“ICS manufacturers and integrators are beginning to understand the value of a comprehensive, layered approach to information security. In tandem, information security firms are expanding their integration and analytical capabilities.
“As the IIoT market consolidates, enterprises will have a clearer choice identifying superior, well-integrated and proven technology to protect their systems.”
Oil and gas companies typically run sprawling operations with sites in hard-to-reach locations. Remote monitoring for performance, quality control and safety is therefore essential, but with bandwidth limitations and the focus on availability, communications are often left unencrypted.
Ransomware attacks posing a critical risk
The focus on data availability makes financially motivated ransomware attacks a critical risk for the industry. Carefully planned and well-executed ransomware attacks can cost millions of dollars in damages and down time.
Known cases of ransomware infecting oil and gas companies were designed to create the most havoc, which results in a higher likelihood of the perpetrators being paid.
Additionally, oil and gas companies have increasingly come under the scrutiny of advanced threat groups which usually attack military and defense organizations with geopolitical agendas. The sector is also at risk from attacks designed to steal sensitive information and financially motivated ransomware.
Mitigating oil and gas cybersecurity threats
Firms can use the following strategies to mitigate modern threats:
- Domain name security, like two factor authentication for changes to DNS settings
- Data integrity checks
- Implementing DNSSEC
- SSL certificate monitoring
- Two factor authentication for webmail
- Improved employee training
- Comprehensive risk assessment of cloud services