The State of Cybersecurity in Today’s Oil, Gas Industry
The convergence of digital technology with existing supervisory control and data acquisition (SCADA) infrastructure has increased the oil and gas industry’s risk to cyberattacks, industry insiders say.
Oil and gas companies are lucrative targets for cyberattackers motivated to perform industrial espionage, steal intellectual property, or cause critical infrastructure disruptions, Todd O’Boyle, cofounder and chief technology officer of Percipient Networks, said. Attacks are typically part of an ongoing attempt by individuals and interest groups worldwide—in some cases, government agencies and nation-states—to disrupt the oil and gas market and damage the financial standing of these companies, said Jessica Cooper, lead marketing manager for Check Point Software.
The oil and gas industry not only faces cyberthreats that are commercial in nature but also cyberthreats from activists such as environmental groups. These threats, if successful, “could have severe threats not just on the industry but also on the environment, public health and safety, and even national security,” according to March 2016 report by The Boston Consulting Group.
The oil and gas industry’s value chain not only offers many potential points for entry of attack but also leaves the industry vulnerable to multiple types of attacks. The Boston Consulting Group found that upstream data was the most vulnerable to cyberattacks. This is due to data often being transmitted from old or unsecured equipment and without standard protocols or security precautions.