Trend Micro Incorporated, a global leader in cybersecurity solutions, has announced the result of new research on the cyber risks facing the oil and gas industry.
The oil and gas industry and its supply chain face increased risk with threat groups and others as they continue to innovate digitally connected infrastructure as showcased according to the research.
There has been almost a decade’s worth of cyberattacks against the sector as described on the latest in-depth report from Trend Micro, finding geopolitics and espionage motivate attackers aiming the oil and gas industry. Although these attacks are not complex, it still has an impact on production and are often targeted, which can cause real-world damage.
Bill Malik, vice president of infrastructure strategies for Trend Micro said “Industrial cybersecurity is not hopeless. We sometimes forget that in complex environments with appropriate security controls, the attacker is the one who has to get everything right, Industrial control systems (ICS) manufacturers and integrators are beginning to understand the value of a comprehensive, layered approach to information security. In tandem, information security firms like Trend Micro are expanding their integration and analytical capabilities. As the IIoT market consolidates, enterprises will have a clearer choice identifying superior, well-integrated and proven technology to protect their systems.”
Oil and gas industry usually run extensive operations with sites in hard-to-reach locations, as stated by the report. It is very important to operate remote monitoring for performance, quality control and safety, however with bandwidth limitations and the focus on availability, communications are left unencrypted.
It is a critical risk when focus is on data availability which makes financially motivated ransomware makes its moves to attack. Millions of dollars are at stake when a planned and well-executed ransomware attacks cause damages and down time. Known cases of ransomware damaging oil and gas companies are the ones that causes the most havoc, which results in a higher likelihood of the perpetrators being paid.
One of Advanced threat groups, APT33, has come under inspection by oil and companies since their usual attack on military and defense organisations with geopolitical agendas. The sector is also at risk from attacks designed to steal sensitive information and financially motivated ransomware.
In the report, Trend Micro Research details a wealth of tools and techniques readily available for attackers in cybercriminal underground forums, including DNS hijacking, phishing of VPN and webmail services, zero-day exploits, webshells, mobile malware and more.
Trend Micro recommends a range of defensive strategies to mitigate the cyber threats facing oil and gas firms, including:
Domain name security, like two factor authentication for changes to DNS settings
Data integrity checks
SSL certificate monitoring
Two factor authentication for webmail
Improved employee training
Comprehensive risk assessment of cloud services