Page 17 - Gi June/July 2019
P. 17
he oil and gas industry faces
increased cyber-attacks. While
there are many opinions as to
why this is, what isn’t disputed
T is that the threat is real and
organisational defences are falling. In
December 2018, Italian oil company
Saipem confirmed its operations were
disrupted due to the organisation’s
computer systems being infected
by Shamoom, a computer virus that
can be traced back to 2012. In the
same week, the destructive malware
was also blamed for at least two
other attacks against organisations.
Earlier in the year, at least four US gas
pipeline operators were shut down by
hackers. The threat is real.
A further key concern is that threat
actors may not be looking to cause
disruption, but physical harm. In
2017, a new malware was discovered
that was designed not only to damage
systems but to potentially maim
humans. The malware, named
Triton and first discovered in a Saudi
Arabian petrochemical plant, actively
targeted safety systems.
These are just a few illustrations.
The list goes on and governments
around the world caution that the
threat will worsen rather than lessen.
In 2017, a new malware
was discovered that was
designed not only to damage
systems but to potentially
maim humans
Digital transformation – but at what cost?
Industry 4.0 has revolutionised
onshore oil and gas production,
storage and delivery. Business
leaders order the implementation of
new technological tools that benefit
the bottom line through enhancing
efficiency and output.
The result is that the data side of
the business, traditionally the realm
of IT, and the operational technology
(OT) side, used to managing
industrial systems (ICS), have
merged. This convergence is busting
open previously siloed departments
and exposing the organisation to
new threats.
Caught in the middle are the IT and
security professionals tasked with
realising the ambition, securely.
As the security program lead of a
large oil and gas company in the US
17
ProtectingAgainstCyberAttacks.indd 2 16/05/2019 14:20
