SECURITY SPOTLIGHT
sites have at least one direct connection to
the Internet. In addition, 84% have at least
one remotely accessible device and 16% of
sites have at least one wireless access point.
“There are no compliance regulations
obliging oil and gas facilities to report
breaches, but we can assume there have
been many more breaches than the TRITON
attack,” said Neray.
“There could be various motivations for
attacks on such infrastructure – nation
state attacks carried out for political
considerations; ransomware attacks;
hacktivists objecting to policies or drilling
activities; or even attacks designed to steal
intellectual property.”
With oil and gas installations a significant
and potentially lucrative target, attackers
are likely to increasingly turn their attention
to these facilities, particularly as plants
modernise their infrastructures with new,
connected IoT and automation systems.
www.intelligentcio.com
While basic cybersecurity approaches such
as patching, encryption and up-to-date
AV are necessary in the OT environment,
standard out-of-the-box IT network security
devices are not effective in industrial
facilities, according to Neray.
“
THERE ARE NO
COMPLIANCE
REGULATIONS
OBLIGING OIL AND
GAS FACILITIES
TO REPORT
BREACHES.
“Industrial cybersecurity requires specialised
solutions, since OT systems use unique
protocols and non-standard operating
systems,” he said.
“Industrial cybersecurity systems also need
embedded Machine Learning and behavioural
analytics to understand routine M2M traffic
patterns and detect suspicious activity.”
Neray says oil and gas organisations are
taking the increased cyber-risk seriously, and
are now moving to address vulnerabilities,
but that more urgency is needed.
“Cyber-risk at OT level is a business risk,”
added Neray. “A danger for management
teams is that some tend to think of
cybercrime as a technical issue rather than
as a business risk issue. But cybercrime has
the potential to cause millions of dollars
in losses, environmental damage, human
safety risk, as well as downtime, brand
impact, compliance issues and loss of
intellectual property.” n
INTELLIGENTCIO
43