HSE NOW articles are available to SPE members.
Login Now
Security

Energy Industry Is on Alert Against Increasing Cyberattacks

Source: Field Fisher Waterhouse via Mondaq | 6 December 2013

Governments the world over have been ramping up their digital agendas in recent months, each seeking to instill the importance of cybersecurity on citizens and businesses alike. Attempts are being made to raise cybersecurity awareness, and essentially the message is that organizations must understand their networks, systems, and data and must take a proportionate, risk-based approach to keeping them secure. Resilient networks and systems must be in place.

Energy Companies Are Stingy on Cyber Intelligence

Source: Fuel Fix | 13 November 2013

Oil and gas companies continue to be at a disadvantage when facing cyberattacks because they are not sharing information about incidents, experts said on 12 November at the American Petroleum Institute Cybersecurity Conference & Expo in Houston.

Although a few trusted professionals at oil and gas companies know each other and share information about attacks, communication has been limited and the need for more is extremely high, speakers said.

“We all talk about how we need to share information, but we’re not doing it. Why?” said Stuart Wagner, director of information technology security at pipeline giant Enterprise Products Partners. “It’s something everybody thinks is a great idea, but it’s not out there.”

Wagner said President Barack Obama’s cybersecurity executive order issued earlier this year helped set the framework for companies to share information about cyberattacks. A handful of security professionals are working to develop a group that will perform the kind of sharing envisioned by the executive order, Wagner said.

Management: Stark Realities of Managing Cybersecurity Risk

Source: JPT | 12 November 2013

Worldwide, the cybersecurity threat is real and growing. The oil and gas industry’s technological critical infrastructure has been especially hard-hit, absorbing 40% of all cyber attacks globally. Yet the realities are not resonating effectively with industry executives because many companies have yet to put comprehensive protection plans into action.

This issue is potentially so devastating that it figuratively shouts for a short course about the chances that companies are taking, what vendors and purported experts are advocating, the grave risks, the unvarnished truth about hackers and company vulnerabilities, and how waiting for disaster is a dead-end choice.

Largely because of its worldwide exploration and production scope and the vast population dependent on energy, oilfield companies cannot simply blend in with the landscape and become unrecognizable as a major cyber target. For example, Telvent, which makes a control system for smart grid networks, was recently hacked. Project files for its supervisory control and data acquisition (SCADA) system were accessed and malware was installed on its network in the attack.

Other attacks have occurred against Saudi Aramco, which required 10 days to get its network back online after a Shamoon Wiper malware cyber attack disabled more than 30,000 workstations in a supposedly politically directed action by a group of hackers called the Cutting Sword of Justice. In a costly move only possible with a sovereign nation, the company sequestered its entire network while determining the cause of attack and fully restoring service. Meanwhile, the Chinese military has been accused of attempts to hack all types of industries, with a particular focus on oil and gas, according to the Mandiant Intelligence Center Report.

Report Points to Serious Oil Problems in Nigeria

Source: Oilprice | 12 November 2013

A report last week from Amnesty International said energy companies operating in the oil-rich Niger Delta region weren’t entirely up front about what’s causing the hundreds of spills reported every year in the region. In a 66-page report, the rights group said oil companies, in particular Royal Dutch Shell, have made numerous claims about sabotage and oil theft that raise a series of questions. Now, lawmakers in OPEC member Nigeria are mulling legislation that would tighten penalties for oil companies responsible for the spills. The cost, if passed, would be in the millions of dollars for the companies operating there.

Amnesty, in its report, said the hundreds of oil spills reported in Nigeria every year are ruining the environment and putting human lives at risk. It said spills in the Niger Delta are the result of pipeline corrosion, maintenance issues, equipment failure, sabotage, and theft.

Private Protection: Combating the Piracy Threat

Source: Rigzone | 8 November 2013

The In Amenas terrorist attack in January of this year was a stark reminder that oil and gas companies often operate in areas where their employees can be vulnerable from a security point of view.

While the In Amenas attack set a worrying precedent in that it was conducted by Islamist terrorists who deliberately targeted employees of the Western oil companies BP and Statoil, the truth remains that most hostage taking of oil company employees currently occurs at sea.

Attacks by pirates on oil and gas vessels offshore Africa happen frequently. The latest such incident occurred at the end of October, when two US citizens were kidnapped from an oil supply vessel offshore Nigeria. This kidnapping serves to remind just how dangerous the Gulf of Guinea is becoming for the crews of oil and gas vessels, as well as merchant seamen, with the International Maritime Bureau recording 31 incidents of piracy and armed robbery in the region during the first 6 months of this year.

The increase in piracy off the coast of Africa in recent times has occurred as Western navies, which have traditionally enforced maritime law, are becoming smaller in response to budget cuts. The Royal Navy operated around 50 frigates and destroyers in 1990, compared to 20 today, while the total number of active ships in the US Navy declined from 592 to 283 between 1989 and 2009, according to the US Navy’s Naval History & Heritage Command.

Gaining Support Is Key to Overseas Success

Source: 4 November 2013

James Reese, CEO, TigerSwan

The marketplace for natural resources is truly global. As a multinational business traveler in search of new business, you may find yourself investing considerable capital and resources in unfamiliar areas. Ensuring the safety and security of your personnel and property is paramount, and taking steps to establish support from the local community can help you mitigate risk and execute a successful investment project.

It is often the perception of local citizens that multinational businesses arrive in their countries and rob them of natural resources and local revenue without adding any value or contributing to the economy. This type of practice leaves the host nation community with no vested interest in the well-being or success of your project. So, how do you win over the locals and get them to buy into your project emotionally and financially? Demonstrate outwardly that you are excited to be there to assist in the community. If you can do this, you will be less likely to face resistance or opposition.

There are a variety of ways to establish rapport with local communities in order to gain support. Some best practices include:

  • Engage local communities and eliciting their support early in the process of project startup. This will often prevent misunderstanding and provide a channel for communication.
  • Coordinate with local law enforcement before the project team arrives.
  • Hire locals to help with the project and teach them valuable skills and best practices.
  • Invite locals to use commodities within your self-contained facility such as medical clinics and primary schools.
  • Where possible, source food supplies and raw materials locally, thus contributing to the local economy.
  • Establish and execute a plan that transfers some of the business investment, infrastructure, and equipment to the local community upon your exit.

Without the support of the local community, you are likely to spend more on long-term security to combat risks such as protests, attacks, and theft at your project site. At TigerSwan, we often are called in to fix a problem when there is already an issue. Ideally, we would like to provide the tools and support to prevent these issues in the first place. As our best practices suggest, we recommend hiring a consultant such as TigerSwan who has extensive knowledge and knows how to engage local communities to help navigate the diverse cultures across the globe and provide appropriate recommendations for optimal security solutions in foreign regions. Our experience has shown that active, soft security solutions such as community engagement are not only cost effective, they also enhance the corporate reputation of companies working overseas.

By employing these best practices, you can change the perception of foreign business and establish goodwill in new communities. With minimal costs to you and your company, you can effectively establish rapport, support the community, and open the door for future business in the region.

James Reese

CEO and founder James Reese has 31 years of demonstrated success leading, managing, and organizing complex and multifunctional organizations. His leadership roles have spanned international and multicultured organizations and achieved success in areas of stability, instability, and high threat. He led TigerSwan from a two-person business, to an international, multiasset, global stability company with 250 personnel worldwide. Reese previously spent 21 years of his 25-year career in the Army Special Operations and was a decorated combat leader within the discreet Delta Force. He culminated his career after multiple combat tours working with host nation communities and government and business leaders in Iraq and Afghanistan.

Founded in 2007 by former members of the US Army’s elite special operations unit Delta Force, TigerSwan specializes in corporate solutions across the entire spectrum of vulnerability management. TigerSwan’s Guardian Angel membership is an international corporate security program that enables you to travel safely and conduct your business globally. When travels take you to unfamiliar, unstable or even dangerous regions, your safety is paramount. Guardian Angel membership services range from client tracking and monitoring to cultural liaisons and low-profile security details—anytime, anywhere in the world. For more information, please visit www.TigerSwan.com.

 

Worsening Nigeria Security Dents Royal Dutch Shell’s Earnings

Source: International Business Times | 1 November 2013

Royal Dutch Shell’s ongoing security issues in Nigeria weighed on third-quarter earnings, sending the oil giant’s shares down by as much as 5% in early trading on the London Stock Exchange.

Shell reported a fall in earnings to USD 4.2 billion during the third quarter, on a current cost of supplies basis, down from USD 6.2 billion in the same quarter a year before.

Oil theft in Nigeria is a problem for Shell. Moreover, rival militias in the poverty-stricken country engaging in violent battles for resources have intensified security concerns—and raised costs—for those operating in Nigeria.

As well as the Nigeria production problems, Shell said its earnings were hit by significantly weaker industry refining conditions and production volume impacts from maintenance and asset replacement activities.

“We are facing headwinds from weak industry refining margins and the security situation in Nigeria, which continue to erode the near term outlook,” said Peter Voser, Shell’s chief executive.

Digital Danger: How Do You Build an Effective Cyber Strategy for Oil and Gas?

Source: Oil & Gas IQ | 30 October 2013

From the technical to the cultural, there a many risks associated with digitizing upstream oil processes.

As David Joy, senior project integration at Weatherford, explains in an interview, cyber threats can be managed if by staying ahead of them

Highlight the range of technological and cultural risks associated with going digital.

  • Technological risks:

Company intellectual property, trade secrets, etc. typically are more accessible to a larger audience when stored and accessed via digital methods.

Digital surveillance and gathering/storage of personal data is pushing the limits of individual privacy concerns and increasing the corporate liability for privacy breaches.

  • Cultural risks:

Global staff possesses varying degrees of knowledge about cybersecurity, the importance of safeguarding company intellectual property, etc.—some regions may be quite deficient in their treatment of cybersecurity.

People are more apt to make poor ethical, personal, and business decisions behind the relative anonymity of the Internet vs. in person.

Identity theft is a growing risk that crosses cultural, age and educational borders, and can have negative implications in the corporate world as well as the personal domain.

How are cyber threats seen to be evolving, and how can organizations stay ahead of this?

  • Data breach—Laptops or other devices containing personal data of customers/clients are compromised, potentially leading to identity theft via phishing attempts.
  • Malware—Drive-by downloading (delivery of malware from a malicious URL), mobile device application repackaging (and delivery via alternative channels), and “smishing” (unsolicited text messaging prompting users to divulge personal credentials) are all sources of malware.
  • DoS and DDoS—Distributed denial of service attacks of various forms and at various levels within the network; lately, DoS used to create a diversion away from an intrusion or other more ominous type of cyber attack.
  • Mobile devices—Mobile phones, tablets, and phablets are no longer immune to viruses, worms, etc.; also, BYOD (bring your own device) are introducing an additional layer into the cyber security domain, especially personal mobile devices that connect to the corporate network.
  • Industrialized and commercialized fraud—Fraud rings; software building blocks for developing fraudulent programs are readily available; fraud websites, fraud conventions, etc. are all contributing to the growing number of cyber threats.
  • Insider threats—The disgruntled employee or the employee who looks to profit by trading his/her employer’s trade secrets.

Eni CEO Calls Libyan Situation Very Worrying

Source: Rigzone | 25 October 2013

Disruptions to oil production in Libya are “very worrying” to Italian oil and gas group Eni, its chief executive said on 23 October, as losses there continue to weigh on its prospects for output and profit.

A combination of strikes, militias, and political activists have disrupted production at the majority of Libya’s oilfields and ports since the end of July.

Eni, the world’s seventh-biggest oil major, is the largest foreign operator in Libya in terms of volume. Production disruptions there prompted the company in August to cut its yearly projections.

“The Wafa field is shut, while gas is only produced for power generation inside the country,” Eni Chief Executive Paolo Scaroni said on the sidelines of a conference.

The Business of Kidnapping

Kidnapping is a serious and real threat when you travel to emerging markets and high-risk parts of the world. Criminals generate large profits and operate like a business. Kidnappers not only target executives for ransom or political gain, but also Western business associates from lucrative industries including oil and gas.

The number of reported kidnapping cases continues to grow each year. According to industry experts, there has been a dramatic increase in reported kidnappings in high-risk countries from 2012 through the first six months of 2013. The current top high-risk countries are Nigeria and Mexico. Mexico had 555 reported kidnappings between January and April 2013 compared with 417 incidents during the same time period last year. Yemen also placed particularly high on the list this year as its government remains unable to enforce its justice system or any authority.

Kidnapping can describe a wide spectrum of scenarios. Aside from the most common form of abduction, kidnap for ransom, criminals also engage in express (lightning) kidnappings where victims are temporarily detained and their bank accounts drained through coerced bank transactions. More disturbingly, kidnappers have begun abducting individuals and selling them to terrorist organizations who use the victims for political gain. Your company cannot afford to put you, the most precious commodity, in a vulnerable position.

Kidnappers look for easy targets. They observe and prey on travelers who create patterns and habits such as taking the same routes to and from work. Cell phone records, travel itineraries, and background information are often collected in dangerous countries with help from telephone service providers and corrupt local law enforcement. Something as simple as a tweet or Facebook post from a corporate employee or family member mentioning your whereabouts can lead to an attack.

The following simple steps can be taken to deter kidnapping while traveling internationally:

  • Establish a crisis-management plan with your company before traveling abroad
  • Learn about the geopolitical situation in the region you are traveling to
  • Employ security professionals who can provide security-risk analysis and country-specific response plans before travel
  • Conduct comprehensive due diligence on the individuals and companies you will be meeting with
  • Arrange for qualified security to pick you up from the airport and provide secure transportation throughout your travels
  • Maintain consistent communication with your colleagues while overseas
  • Remain alert and aware of your surroundings while traveling abroad

It’s no secret the oil and gas industry is high-risk. You must travel to unstable and often third-world regions in order to maintain and expand your business. Talk to experienced professionals and conduct the necessary research and planning before traveling overseas. Safety is your No. 1 priority.

James Reese

James Reese

Beating an Advanced Persistent Threat

Source: Offshore Engineer | 5 September 2013

Make no mistake, APTs are watching, learning, and poised to attack

Globally interconnected digital information and communications infrastructure—better known as “cyberspace”—underpins almost every facet of modern society and provides critical support for the US economy, its civil infrastructure, public safety, and national security.

Security in cyberspace relies on interdependent networks of information technology, national infrastructure, the internet, telecommunications networks, computer systems, and embedded processors and controllers. Each of these plays a critical part in maintaining intellectual property, the efficient function of the banking and energy industries, and protection of key corporate and national assets.

Yet, it is abundantly clear the activities of hackers or malware can severely impair industrial or government systems and their assets. There is a trend in the oil industry that aims at integrated management of control and safety systems resulting in improved use, efficiency, reduction in personnel, training costs, and cost savings. But industrial systems for the oil industry and offshore platforms remain extremely vulnerable to attacks by hackers.

Analyst Says Piracy Spotlight Will Remain Fixed on West African Oil Trade As Long As Naval Presence Remains Low

Source: GlobalData | 13 August 2013

Pirates will continue to prey on the lucrative west African oil trade, with more piracy and hijacking incidents expected in the Gulf of Guinea, as long as the political complexities surrounding naval presence in territorial waters continue, says an analyst with research and consulting firm GlobalData.

According to Jeffrey Kerr, GlobalData’s managing analyst covering downstream oil and gas, most of the pirates in the west African region are believed to be part of its countries’ thriving black market for crude oil and refined products.

Kerr said, “The Gulf of Guinea accounts for about 10% of the world’s crude oil exports, as well as many other products such as cocoa and metals, which are highly sought by the generally armed pirates on West African waters.”