3 Out Of 4 US Energy Firms Were Hacked In 2016

Authored by Zainab Calcuttawala via OilPrice.com,

Hackers have targeted Russian oil giant Rosneft, the company said on Tuesday, just as Deloitte released a report on cyber-attacks targeting U.S. oil companies.

A “powerful hacker” attacked the company’s server in an assault that, according to TASS news agency, could be related to ongoing legal proceedings.

A Russian court recently froze assets of a holding company called Sistema as part of a suit lodged by Rosneft and Bashneft. The two companies are trying to recover $2.9 billion lost during Sistema’s 2014 restructuring.

Russian companies are not the only ones facing the new frontier in corporate espionage. U.S. consulting major Deloitte released a report on Monday that said American energy companies showed “limited strategic appreciation” for cyber-threats.

Analysts said three of every four U.S. oil and gas companies experienced a cyber-attack in 2016, but only a few firms said the computerized attacks posed a major security risk.

"Whether hackers use spyware targeting bidding data of fields, malware infecting production control systems, or denial of service that blocks the flow of information through control systems, they are becoming increasingly sophisticated and, specifically alarming, launching coordinated attacks on the industry," the report said.

Low crude prices have caused energy companies to focus their spending on operations that maximize value for shareholders, instead of investing in protective cyber security measures.

On the most vulnerable aspects of the oil and gas supply chain, Deloitte wrote:

Among the upstream operations, development drilling and production have the highest cyber risk profiles; while seismic imaging has a relatively lower risk profile, the growing business need to digitize, e-store, and feed seismic data into other disciplines could raise its risk profile in the future.”


Dammit Walter LawsofPhysics Wed, 06/28/2017 - 12:52 Permalink

This is a *very* serious topic.  Hacking a working field or production facility could interrupt oil flow while systems are down, or Denial-of-Service'd.  Worst case, equipment could be permanently damaged, causing long term shutdown, plus costs to replace, causing significant financial impact to the facility owners and potentially those impacted by supply disruption.  Damages could have severe ripple effect.  Imagine if a coordinated attack took out multiple facilities.  You can bet that major powers and maybe rogue associations are testing and probing for weaknesses and collecting information. 

In reply to by LawsofPhysics

SWRichmond Dammit Walter Wed, 06/28/2017 - 14:47 Permalink

Within 90 minutes of the beginning of WW3 absolutely nothing will work.  No power, no fuel pumping stations, no internet, no phones, no water / sewer.  Nothing.  It is all pre-hacked, can't be cleaned up, and there's not a fucking thing you can do about it.  Someone just presses the "execute" button and bammo, nothing works.  Mutual Assured Destruction, circa 2017.  Who needs nukes?The awesome part of that would be that 90% of the commies in cities would die, and quickly.

In reply to by Dammit Walter

asteroids Wed, 06/28/2017 - 12:59 Permalink

Stop being stupid. Get a real firewall. Properly design your networks. And for Gawd sake get rid of Windows. If you must, virtualize it and put it in an air-gapped sandbox.

SWRichmond asteroids Wed, 06/28/2017 - 14:55 Permalink

Stop being stupid. Get a real firewall. Properly design your networks. If you must, virtualize it and put it in an air-gapped sandbox.hahaha you're funny.  "get a real firewall".  You've got to be shitting me.Instead, let's hire a ridiclously expensive consultant who will baffle us with bullshit and some kewl color graphics, especially one associated with a known corrupt accounting firm.JHFC

In reply to by asteroids

decentraliseds… (not verified) Wed, 06/28/2017 - 14:16 Permalink

 Why waste time on this alligator when the swamp’s most critical economic and political problems revolve around the hegemony of a global corporate cartel, which is headquartered in the US because this is where their dominant military force resides. The US Constitution is therefore the “kingpin” of an all-inclusive global financial empire. These fictitious entities now own the USA and command its military infrastructure by virtue of the Federal Reserve Corporation, regulatory capture, MSM propaganda, and congressional lobbying. The Founders had to fight a bloody Revolutionary War to win our right to incorporate as a nation – the USA. But then, for whatever reason, our Founders granted the greediest businessmen among them unrestricted corporate charters with enough potential capital & power to compete with the individual states, smaller sovereign nations, and eventually to buy out the USA itself. The only way The People can regain our sovereignty as a constitutional republic now is to severely curtail the privileges of any corporation doing business here. To remain sovereign we have to stop granting corporate charters to just any “suit” that comes along without fulfilling a defined social value in return. The "Divine Right Of Kings” should not apply to fictitious entities just because they are “Too Big To Fail”. We can't afford to privatize our Treasury to transnational banks anymore. Government must be held responsible only to the electorate, not fictitious entities; and banks must be held responsible to the government if we are ever to restore sanity, much less prosperity, to the world. It was a loophole in our Constitution that allowed corporate charters to be so easily obtained that a swamp of corruption inevitably flooded our entire economic system. It is a swamp that can't be drained at this point because the Constitution doesn’t provide a drain. This 28th amendment is intended to install that drain so Congress can pull the plug ASAP. As a matter of political practicality we must rely on the Article 5 option to do this, for which the electorate will need overwhelming consensus beforehand. Seriously; an Article 5 Constitutional Convention is rapidly becoming our only sensible option. This is what I think it will take to save the world; and nobody gets hurt: 28th Amendment: Corporations are not persons in any sense of the word and shall be granted only those rights and privileges that Congress deems necessary for the well-being of the People. Congress shall provide legislation defining the terms and conditions of corporate charters according to their purpose; which shall include, but are not limited to: 1, prohibitions against any corporation; a, owning another corporation; b, becoming economically indispensable or monopolistic; or c, otherwise distorting the general economy; 2, prohibitions against any form of interference in the affairs of; a, government, b, education, c, news media; or d, healthcare, and 3, provisions for; a, the auditing of standardized, current, and transparent account books; b, the establishment of state and municipal banking; and c, civil and criminal penalties to be suffered by corporate executives for violation of the terms of a corporate charter.