Drilling sites, pipelines and refining operations all rely on complex networks of sensors, controllers and software to maximize productivity and prevent costly accidents. Wireless devices like digital two-way radios, smartphones and tablets play a vital role in keeping the fuel flowing, but they also offer tempting targets for cybercriminals looking to compromise vital energy company data.
In a white paper published in 2014, Motorola Solutions noted that energy companies have represented 40 percent of the targets of cyber attacks. The white paper, “Protecting Operations in the Energy Sector Against Cyber Attacks,” also quoted a prediction that “cyber attacks against oil and gas infrastructure will cost companies $1.87 billion by 2018.”
Key sources of cyber attacks
Cyber attackers can have a whole host of motivations — personal, economic, political — for breaking into an energy company’s network and causing havoc. Motorola’s white paper noted three principal sources of intrusions:
- Spear phishing — Using emails that appear to be from an individual or business known to the target, spear phishers hoodwink unsuspecting users into providing access to company networks.
- Advanced persistent threats — Part of a longer-term campaign of espionage and sabotage, these attacks typically zero in on critical infrastructure. One such attack hit 30,000 hard drives at Saudi Aramco, destroying data on the oil and natural gas company’s Windows-based machines and forcing the replacement of the hardware.
- Insider threats — Employees with access to key networks have been known to lend assistance to cyber attackers.
Awareness of these sources is the first step toward hardening vital networks against attacks.
Where cyber attackers strike
Any access point on a digital network creates a potential vulnerability, including digital two-way radios. Motorola’s white paper notes three likely targets of cyber attacks.
- Newer technologies such as those controlling drilling rigs and cloud-based services
- Once-isolated plant control systems that are now integrated with corporate networks or vendors
- Private smartphones and devices used by company employees
The white paper notes that 96 percent of mobile devices do not have encryption protection.
And these are not trivial concerns: a malicious intrusion can result in “personal injury, catastrophic equipment damage, lost production capacity, environmental impact or violation of legal and regulatory requirements,” the white paper says.
Addressing the risks of cyber attacks
Motorola Solutions recommends the NIST Cybersecurity Framework, which provides guidance for targeting cyber security risks, hardening company networks against potential attacks, and addressing security breaches. This framework is the basis of Motorola’s four-pronged cyber security checklist:
1. Identify critical assets — First, a company needs to identify the mission-critical technology assets that support its business objectives. Then it needs to conduct risk assessments to find vulnerabilities.
2. Protect IT, radio network and operational technology environments — Critical infrastructure must have airtight defenses. Also, workers need to be trained to prevent accidental network intrusions and recognize phishing attempts.
3. Detect potential threats — A broad spectrum of hardware and software has been developed to sniff out the activities of hackers and other cyber attackers. These tools are pivotal to preventing attacks.
4. Respond and recover — Cyber attackers are so relentless that breaches are inevitable. Having a robust plan in place will minimize the damage they can do if they manage to get past your defensive perimeter.
While digital technologies create potential vulnerabilities, they also provide ways to address them. For instance, simply upgrading to digital two-way radios and using their encryption capability can tighten operational security in wireless networks. The key is to work with a vendor who understands these threats and has a track record for addressing them.