Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security //

Risk Management

08:05 AM
Larry Loeb
Larry Loeb
Larry Loeb

Oil & Gas Industry Face Significant Cybersecurity Threat – Study

A Ponemon survey finds a growing concern among cybersecurity professionals who work in the world's oil and gas industries.\r\n\r\n

A significant majority of oil and gas companies have reported a serious security breach or incident in the past year, according to a new report. This comes at a time when the safety of critical infrastructure facilities is under renewed scrutiny following a series of attacks and government warnings.

The Ponemon Institute conducted the survey of security in the oil and gas industry, which is based on the results of 176 people responsible for cybersecurity within companies based in the Middle East. Siemens, which sells products and technology into that market, funded the study.

The results come less than a week after the US Computer Emergency Readiness Team (US-CERT), along with the FBI and the Department of Homeland security, issued a warning that charged several Russia-based group with hacking into several critical facilities, including oil, gas and other energy firms. (See FBI & DHS Accuse Russia of Hacking Critical Infrastructure.)

The Ponemon study found that there were a significant number of security incidents in the oil and gas industry, which researchers defined as disruption to operations in the operational technology (OT) environment or the loss of confidential information.

Of those surveyed, 11% reported that they had experienced more than 10 OT network intrusions, which is three times the global average. Not only that, nearly half of the respondents believe that they may not be aware of all breaches that have occurred.

The specifics of the OT environment weighed heavily on the participants in the study. Two-thirds of those interviewed believe that the risk of attack has grown on OT over the last several years. In addition, 60% report that the risk to OT is greater than the danger posed to traditional IT systems.

The respondents report that there are certain items that are most at risk from these incidents, including exploratory information, production information, potential partners, financial and organizational reports, operational data, information on drilling sites, and field production data that is collected by sensors.

The top cybersecurity threat for 68% of those surveyed was a careless or negligent insider, as opposed to 21% believing it was a criminal or malicious insider.

Respondents also attribute the cyber risk their organizations face to uncertainty about the cybersecurity practices of third parties in the supply chain and the difficulty in mitigating risks across the entire oil and gas value chain.

Additionally, respondents report that the primary reason that their organizations are at risk is a lack of cybersecurity awareness and training among employees. Other important factors that they perceive are a limited cybersecurity culture among their vendors, suppliers and contractors, as well as the use of standard IT products that have known vulnerabilities in the production environment.

The fundamentals of network security are being redefined -- don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth-annual Big Communications Event. There's still time to register and communications service providers get in free!

The OT companies seem to realize they are at risk.

However, only 27% of respondents expressed confidence in their ability to assess cybersecurity risks and allocate the resources necessary to address those concerns. Overall, a third of their cybersecurity budget is directed at protecting OT environments.

Only 39% of respondents plan on hardening the endpoints of their systems, and 20% report that they plan on adopting analytics solutions over the next year.

Organizations that adopt a risk-based and compliance-based approach to their OT security programs have the best chance of keeping their OT operations both secure and running without problems, the study found.

Related posts:

— Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/2/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internet—and What Your Organization Can Do About It
The Threat from the Internet—and What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.