The Associated Press recently reported that oil and gas companies, including some of the largest in the industry that operate along the Gulf Coast near Houston, have become a popular target for hackers. Many companies are using decades-old technology and unprotected wireless signals to connect computer networks to equipment, leaving refineries, pipelines, and chemical plants vulnerable to attack. In fact, the Houston Chronicle reported 350 security incidents and uncovered nearly 900 security flaws at energy companies between 2011 and 2015.
Cybersecurity issues have become more prevalent with the rise of the high-tech oilfield, in which data is constantly collected from wellheads, pipelines, mechanical systems, and other equipment. This data is automatically transmitted to operations centers, where it is centrally monitored, managed, measured, and tracked. Using real-time analytics, oil and gas companies can optimize operations and productivity, prevent unplanned outages caused by equipment malfunctions and failure, reduce operating costs, and improve safety.
The rise of the high-tech oilfield is being driven by the Internet of Things (IoT), machine-to-machine (M2M) communications, and supervisory control and data acquisition (SCADA) systems. As IoT technologies and applications have matured, IoT adoption has increased and use cases have expanded. In addition to using the IoT to manage assets and supply chains, oil and gas companies are recognizing the value of collecting information across their operations. IoT data is capable of delivering insights that enable organizations to increase reliability, optimize operations, and create competitive advantages as well as new revenue streams.
However, as new technology has been deployed, more cybersecurity issues have emerged. The integration of modern technology with SCADA has opened the door for hackers to disrupt operations, steal intellectual property, and shake up the oil and gas market. Attacks could come from state-sponsored actors, terrorists, and even environmental activists. Legacy SCADA equipment and IoT sensors that lack modern security controls are popular targets and offer thousands of points of entry. But it’s not just equipment in the field that is threatened. A spike in ransomware attacks during the past two years has organizations scrambling to train employees about phishing threats and implement formal response procedures.
The convergence of information technology (IT) and operational technology (OT) into a shared infrastructure is also increasing the risk of a security breach. Many of these environments are connected to the external Internet, making it more difficult to monitor for anomalous or malicious activity, identify vulnerabilities, and protect critical assets.
Oil and gas companies need to approach vulnerability management with a greater sense of urgency. A security information and event management (SIEM) solution is capable of integrating and analyzing vulnerabilities across an organization and its supply chain. Through customized dashboards and reporting, a SIEM can provide insights that help companies detect and respond to threats, prioritize security risks, maintain compliance, and assess the effectiveness of their security strategy. A SIEM can provide complete visibility into the network, which is critically important to oil and gas companies whose geographically dispersed assets serve as sources of data.
As adoption of the IoT and other advanced technologies continues to increase in the oil and gas industry, companies must be proactive in securing their operational assets and data. Even when security shortcomings in legacy equipment have been addressed, security initiatives must be ongoing and constant to keep up with emerging threats. Consider the use of a SIEM to holistically manage security and vulnerabilities across your entire organization.