It is being reported that the oil and gas sectors have suddenly become more vulnerable to cyber threats.
In 2013, we at HackRead reported how oil and gas sector faces serious physical and online security threats. Now, as per the data received by firms belonging to the oil and gas industry, 2015 has been quite trying and testing for them.
It can be stated so because a majority of oil and gas industry firms (more than 82%) were targeted by cybercriminals within the last 12 months.
The findings were obtained by Tripwire, a security vendor firm, through a study conducted to analyze the extent to which firms in energy, oil, and gas sectors were prone to cyber threats.
More than 150 IT professionals from firms related to the abovementioned sectors responded to
Tripwire’s study and the results painted a grim picture of the energy industry, which witnessed a series of successful malware attacks.
The most recent such incident occurred in Ukraine in which the country’s main power grid system underwent prolonged power outages during the Christmas holidays.
More than half (53%) of the 82% of companies that were targeted by hackers last year state that they experienced an overwhelming upsurge in attacks.
Approximately, 50% to 100% increase in attacks was observed whereas 21% of the companies reported at least 20% and maximum 50% increment in incidents. Moreover, 11% of the companies reported less than 10% increase in the incidences of cyber attacks in comparison to 2014 statistics.
What is even worse is the fact that 69% of the IT professionals responsible for security measures for the 82% companies admitted that they aren’t adequately prepared for detecting a cyber-attack in case it happens.
However, the good news is that because of the way a majority of systems that are implemented in oil and gas firms, the Information Technology/IT and Operational Technology/OT networks are separated from each other.
Therefore, if the IT network becomes the victim of a cyber attack, then the chances of a hacker accessing the ICS/SCADA systems are quite low.
Yet, it is unfortunate that oil and gas sector firms haven’t realized that IT and OT have completely different roles to perform, as they still perceive them as one unit.
According to the Tripwire survey findings, 72% of the total companies that participated, a single executive is responsible for protecting both the IT and OT systems. On the other hand, in 19% of the total surveyed enterprises, the jobs are performed by two different persons.
Moreover, in 8% of all companies, the information security expert role is shared by the same individual who isn’t an executive and apparently, has no particular say in the day-to-day operations of the firm.