Cyberattacks Pose Increasing Industry Threat

Abstract

Cyberattacks are an increasing threat to businesses and organizations globally, and the oil and gas industry is and will remain a prominent target. At the American Petroleum Institute (API) annual Cybersecurity Conference held recently in Houston, James Morrison, a technical expert on information technology (IT) with the United States Federal Bureau of Investigation, told an industry audience, “Every single one of you will be attacked, if you have not already been attacked.” During 2016, 75% of oil and gas companies had at least one cyberattack, he said, stressing that companies must do more to protect their data and “the industrial control systems behind that data.” All facets of industry business, very much including operating activity of any kind, are exposed and will only be more so as the Internet of Things proliferates. More Than a Digital Issue Thus, cyberdefense is much more than a digital or IT issue. It carries implications for every dimension of business, including health, safety, environmental, and financial activity. Cybersecurity experts are adamant that operations technology (OT) systems cannot be viewed as safe simply because they are not IT systems. While they have differing characteristics, IT and OT systems must be viewed as a continuum. More than 200 groups globally, including some linked to national governments, are believed to be involved in cyberattacks on US installations, and the number appears to be growing with the rise of criminal activity on the dark web, Morrison said. However, the number of attack groups is surely larger than those known to have targeted US installations. If there was a consensus coming out of the API conference, it was that the industry is not doing enough to protect itself. While companies may have protective programs and processes in place, the companies generally approach the problem reactively. “We’re actually getting a little numb about too many attacks,” Morrison said. Disrupt the Attackers What companies mainly are failing to do is embrace measures that can disrupt the by now established business models of many cyberattackers. Ransomware attacks, for example, are affecting businesses of all sizes and types and have been growing phenomenally, according to Michael Leigh, the global head of incident response at NCC Group, a cybersecurity and risk mitigation consultant. These attacks use a type of malware that prevents or limits users of a computer system from accessing it until a ransom is paid.