Rigzone | 19 May 2014

Energy Companies See Email, Hacktivists as Major Cybersecurity Threats

A recent study found that 61% of energy firms view email as the biggest threat vector for cyberattacks via malware and that hacktivists are seen as posing the biggest threat to energy companies.

The study by ThreatTrack Security examined the vulnerabilities of energy and financial service firms—the industries that are most frequently targeted by cybercriminals. Both industries are under constant pressure from attackers due to the high-value assets they own, which represents a significant risk for the US economy and critical physical infrastructure, ThreatTrack said in a press release.

“There are a wide range of threat actors and attack vectors targeting these two industries, and ThreatTrack Security’s report investigates the challenges in these organizations face in defending themselves, and what they plan to do to increase security,” said ThreatTrack.

According to the study, 72% of respondents from both industries are confident their company will be targeted by an advanced persistent threat, targeted malware attack, or other sophisticated cybercrime or cyber-espionage tactics in the next 12 months. Of these respondents, 38% of the survey respondents said an attack was a certainty or highly unlikely.

Rigzone | 13 May 2014

Oil, Gas Industry Looks To Hire More Cybersecurity Professionals To Address Risks

Oil and gas companies are looking to hire more cybersecurity professionals as recent advances in oil and gas technology, which have created greater efficiency and reliability, also raise the industry’s risk from cyberattacks.

As it becomes more lucrative and high-profile, the oil and gas industry has become more of a target for cyberattacks. “Oil and gas is holding the economy together in a lot of ways, and is one of the few sectors not struggling,” said Chad Pinson, managing director of global investigations for cybersecurity at Stroz Friedberg.

Pinson said Stroz Friedberg sees more of its clients talking with the company about cybersecurity about ways they can bolster their cybersecurity preparedness. The hiring trend is not surprising, given the growing stakes and damage that can be caused by both sophisticated and unsophisticated attackers, Pinson noted.

“While the level of sophistication for cyberattackers has grown,” he said, “even an unsophisticated hacker can download a tool and do pretty good damage.”

Reuters | 25 April 2014

Global Shipping Fleet Exposed to Hacking Threat

The next hacker playground: the open seas—and the oil tankers and container vessels that ship 90% of the goods moved around the planet.

In this internet age, as more devices are hooked up online, so they become more vulnerable to attack. As industries such as maritime and energy connect ships, containers, and rigs to computer networks, they expose weaknesses that hackers can exploit.

Hackers recently shut down a floating oil rig by tilting it, while another rig was so riddled with computer malware that it took 19 days to make it seaworthy again; Somali pirates help choose their targets by viewing navigational data online, prompting ships to either turn off their navigational devices or fake the data so it looks like they’re somewhere else; and hackers infiltrated computers connected to the Belgian port of Antwerp, located specific containers, made off with their smuggled drugs, and deleted the records.

Reuters | 16 April 2014

South Sudan Rebels Say They Have Seized Oil Hub Bentiu, Tell Foreign Firms To Go

South Sudanese rebels said on 15 April that they have seized the capital of oil-producing Unity state, Bentiu, and warned oil firms to pack up and leave within a week.

Thousands of people have been killed and more than 1 million displaced since fighting erupted in South Sudan in the middle of December, triggered by a power struggle between President Salva Kiir and former Vice President Riek Machar.

“The recapturing of Bentiu marks the first phase of liberation of oil fields from (the) antidemocratic and genocidal forces of Kiir,” rebel spokesman Lul Ruai Koang said in a statement.

Urging all oil firms operating in government-held areas to shut their operations and evacuate their staff within a week, he said, “Failure to comply with this request, the oil companies risk forced oil shutdown and the safety of their staff.”


Reuters | 9 April 2014

Energy Companies Need Insurance Cover for Cyberattack “Time Bomb”

Energy companies have no insurance against major cyberattacks, reinsurance broker Willis said on 8 April, likening the threat to a “time bomb” that could cost the industry billions of dollars.

Willis highlighted the industry’s vulnerability to cyberthreats in its annual review of the energy sector’s insurance market, which called on insurers to find a way to provide cover.

“A major energy catastrophe—on the same scale as … Exxon Valdez or Deepwater Horizon—could be caused by a cyberattack, and, crucially, that cover for such a loss is generally not currently provided by the energy insurance market,” the insurance broker said.

Most insurance products currently available will cover minor things such as data losses or downtime caused by IT issues, but not major events like explosions at multiple facilities triggered remotely by hackers, Willis said.

Reuters | 11 March 2014

BP Shelves Onshore Exploration in Libya as Instability Grows

Oil and gas major BP said it had mothballed plans to explore in Libya’s Ghadames basin because of security concerns, the latest in a series of companies to rethink their projects amid growing instability.

Three years of turmoil since the Arab Spring and tough contract terms have prompted oil firms to reassess their role in Libya, and several have said they would postpone their plans or scrap them altogether.

BP’s exploration and production sharing agreement with Libya covers onshore acreage in Ghadames, near the border between Libya, Algeria, and Tunisia, and offshore acreage in the central Sirte basin.

“With respect to the onshore exploration drilling program, a security review in June concluded that this could not be safely and securely delivered by BP at this time. Alternative approaches are being considered,” BP said in its annual report.

Fuel Fix | 28 February 2014

Shell Nigeria Closes Major Pipeline, Cites Theft

Shell Nigeria said on 27 February that it has closed a 6,000-km oil pipeline to repair leaks from oil theft.

Shell recently threatened to close the Nembe Creek Trunk Line because of repeated sabotage. It carries about 150,000 B/D for Africa’s biggest oil producer. Shell did not say how much oil has been lost through the leaks or how the closure may affect Nigeria’s daily output of 2.2 million B/D.

Reuters | 11 February 2014

Column: The Shale Factor in US National Security

The boom in domestic shale oil and gas production has increased US prosperity and economic competitiveness. But the potential for this to enhance our national security remains largely unrealized.

The shale surge has boosted production by 50% for oil and 20% for gas over the last 5 years. Yet our political leaders are only just beginning to explore how it can help further national strategic interests.

We led a major study at the Center for a New American Security in the last year, bringing together a nonpartisan panel to examine national security implications of the unconventional energy boom. We decided that outdated idealization of “energy independence” is preventing the administration and Congress from focusing on current energy vulnerabilities and figuring out how Washington should secure our economic and security interests.

Though the United States now imports less oil than it has for more than a dozen years, we should not distance ourselves from international oil markets by pursuing full energy self-sufficiency. The best way to advance energy security is to remain engaged internationally with major energy players.


Rigzone | 28 January 2014

Iraq Says Syria War Spillover Hinders Oilfields, Pipelines

Spillover attacks from the civil war in Syria have hindered development of Iraq’s gas and oil reserves and a major pipeline to the Mediterranean has been blown up dozens of times, Iraq’s top energy official said on 28 January.

Violence in Iraq climbed back to its highest level in five years in 2013, with nearly 9,000 people killed, most of them civilians, according to the United Nations.

“The ongoing conflict in Syria has resulted in an increasing number of terrorists using vast desert areas between Syria and Iraq to establish bases from which they have carried out attacks against the civilian population and economic targets and infrastructure,” Deputy Prime Minister for Energy Hussain al-Shahristani said.

“Attacking the energy sector has been among their top priorities to deprive the country of its main revenue source,” he said at an energy conference in London. “The attacks have been focussed on oil export pipelines, power generation, and transmission lines.”

Rigzone | 30 December 2013

Libyan Militia Threatens To Cut Gas Deliveries

A Libyan militia that shut down most of the country’s oil terminals for months threatened on 29 December to cut off natural gas deliveries to the capital, potentially imperiling the power supply in a serious escalation of its standoff with the central government.

A spokesman for a militia in the country’s east, who did not identify himself, said in a recorded statement aired on local television stations that the government has 48 hours to resume paying salaries to the group, which was originally in charge of securing oil and gas facilities in the country’s east.

Rigzone | 18 December 2013

Industry Optimism, Spending Rise on Cybersecurity Preparation

Oil and gas companies have increased spending and are more confident of their cybersecurity measures, but the number and impact of cyberattacks continues to grow as industry’s measures fail to keep pace with increasingly sophisticated attacks, according to PwC’s 16th annual report “The Global State of information Security 2014.”

Seventy-nine percent of the 107 oil and gas industry respondents who participated in the survey expressed confidence over the effectiveness of their security activities, up from 78 percent in 2012. However, they reported that their confidence in the security programs of partners and suppliers decreased from 2012 to 2013, with confidence declining from 75 to 68 percent.

Rigzone | 12 December 2013

Libya’s Oil Security Force Expects Eastern Ports To Reopen 15 December

Libya’s oil security force expects an eastern autonomy movement to reopen seized export ports this weekend as promised, the force’s commander said on 11 December.

On 10 December, leaders of a tribal autonomy movement blocking three ports that had exported around 600,000 BOPD said they would end the stoppage on 15 December if the government agreed to give the east a share of the oil.

Such seizures have slashed Libya’s oil output to 250,000 B/D, from 1.4 million B/D in July, and added to chaos in the north African country 2 years after the fall of Muammar Gaddafi.