Page 6 - NorthAmOil Week 19 2021
P. 6
NorthAmOil GUEST COMMENTARY NorthAmOil
Colonial Pipeline hack sounds
alarm for greater OT security
It is time for oil and gas companies to take a closer look at their security
solutions, writes Chris Bihary
US IT has been less than a week since Colonial Pipe- This means that oil and gas companies – includ-
line, the Georgia-based operator of a petroleum ing upstream, midstream and downstream
WHAT: product pipeline network that runs across 13 operators, as well as service providers – should
The ransomware attack states from Texas to New Jersey, revealed that all assume that they are on the list of targets, no
on Colonial Pipeline it had been hit with a ransomware attack. The matter how big or small they are.
has had serious attack appears to have been carried out by Dark- On the other hand, the consequences can be
consequences for US fuel Side, a for-profit operation that specialises in dire. Shutdowns, lockdowns and other disrup-
markets. double extortion schemes, which involve lock- tions are usually expensive for the companies
ing down the target company’s networks and involved, as well as a drain on the economy at
WHY: also releasing stolen data if the company does large. They can lead to regulatory violations,
The incident does not not pay the ransom demanded. legal troubles and poor public relations. Even
appear to have affected It also appears not to have infected any of worse, they have the potential to pose direct
the company’s OT Colonial Pipeline’s operational technology threats to the health and safety of workers and
networks, but it highlights (OT) networks. Nevertheless, the company nearby communities.
the link between took its 5,500-mile (8,851-km) network offline
security and operational in order to ensure that DarkSide malware could Time to take a closer look
continuity. not spread from corporate information technol- But what exactly should oil and gas companies
ogy (IT) systems into the OT systems that man- be doing to prepare?
WHAT NEXT: age the flow and distribution of fuel through its First, they should be taking a look at their own
Companies involved pipelines. cybersecurity solutions. If they do not have any,
in the oil and gas Since Colonial Pipeline accounts for about now is the time to find some. But even if they
sector should try to 45% of all the gasoline, diesel and jet fuel con- do have something in place, they ought to take
determine whether their sumed along the East Coast, the shutdown has a closer look and make sure those solutions are
cybersecurity solutions had significant consequences. It has triggered up to the challenge.
are robust enough to the shutdown of the largest refinery in the United That process will probably involve one or
withstand a rising tide of States. It has led major airlines to revise their more of the following steps.
threats. fuelling arrangements in order to avoid short- It is probably
ages. It has caused hundreds of filling stations to Steps to strengthen cybersecurity posture
run out of gasoline and diesel because they can- Asset discovery: Companies active in the oil going to take
not secure supplies through the usual channels. and gas sector should take a look at all of their a few weeks to
The company said on May 13 that it had been assets and determine exactly what their IT and
able to restart the pipeline. Nevertheless, it is OT systems consist of, including both hardware bring US fuel
probably going to take a few weeks to bring US and software. They should also determine how
fuel markets back to normal. these systems are connected – and how all the markets back to
components of each system are linked (For oil
Objective reasons for beefing up security and gas companies, this would involve identify- normal.
It will also take time to sort out the consequences ing every asset involved in the performance of
of this incident on the cybersecurity side. Even both administrative and operational duties).
so, companies active in the oil and gas industry –
and in all other sectors of critical infrastructure Asset inventory: It is not enough for compa-
– should start thinking now about how to guard nies to draw up a list of assets. They also need
against the next attack. an organised inventory that explains what each
There are objective reasons for increased vig- asset does and how each asset works with other
ilance. On the one hand, the number of cyberat- parts of the system. Additionally, they need a
tacks targeting the oil and gas industry is on the way to manage the inventory to ensure that it is
rise, not just in terms of absolute numbers, but updated each and every time there is a change
also in comparison to other sectors of the econ- in the line-up – for example, if new devices are
omy, as a recent Kaspersky report has detailed. added to a network or if existing software is
P6 www. NEWSBASE .com Week 19 13•May•2021