Skip to main content

Keeping production safe in cyberspace

Published by , Editor
Oilfield Technology,


Dr. Scott McVicar, BAE Systems Detica, analyses the cyber threat to the oil and gas industry.

Organisations operating in the oil and gas sector are facing a new and important challenge as they balance the drive for operational efficiency against an emerging risk of cyber attack.

In the face of increasing production costs, fluctuating demand across a global stage and increased geographical diversity in production, those organisations which can flex production with greatest agility and efficiency will prevail. This is driving a trend to connect industrial control systems with corporate IT networks. Such connectivity provides great benefit in two main respects: it reduces operational costs through centralised management and control of plant and it enables production to be flexed efficiently in order to meet variations in demand.

However, such connectivity carries with it an increased level of risk from cyber attack. It provides new opportunity for a hacker to sabotage production capability remotely and deniably. The potential gains to such attackers are substantial, either to achieve commercial or political ends or for straight financial reward to organised criminals.

The August 2012 attacks on Saudi Aramco and RasGas, the national oil producer for Saudi Arabia and state petroleum company of Qatar respectively, are prime examples. In both cases, cyber criminals attacked the corporate IT system of the companies using malware called Shamoon, but rather than attempting to steal information, the attacker was seeking to damage the companies’ operations. The Shamoon attack was relatively unsophisticated, and has been widely reported to be attributable to the ‘Cutting Sword of Justice’ group.

However, other more sophisticated attacks have also taken place. An example of this is the Stuxnet cyber attack on Iran in 2012, widely speculated to have been a joint effort by the governments of the US and Israel. This was a computer worm, aimed at the Natanz uranium enrichment facility and reportedly designed to damage centrifuges by making covert adjustments to the machines controlling them. This was one of the first attacks designed to inflict physical destruction, rather than simply steal information.

It is important to highlight that the larger and more diverse the organisation, the greater the number of network vulnerabilities for cyber attackers to exploit.

So, the benefits of connectivity between industrial control systems and corporate networks are real and significant. In the modern, global,  hyper-connected economy, organisations must take this step in order to drive down costs and meet demand as efficiently as possible. However, such connectivity carries with it a new and inherent risk from cyber attack. 

Against this backdrop, the good news is that an effective cyber strategy can frustrate these attacks without acting as a barrier to the efficiency gains. Such a strategy will assess the level of risk along with the potential business impact thereby identifying vulnerable areas where investment in defence should be channelled. Any such strategy must consider a number of critical lines spanning people, process, training, policy as well as technology. In short, a comprehensive cyber security strategy provides a means to enable information flows that greatly increase business efficiency and operational effectiveness while protecting critical operational networks from attack.

Within this context, Detica has witnessed a positive response from the industry as a whole. Increased awareness of the threats has been met with the implementation of cyber defence strategies, which are now considered in overall business strategies for a connected and protected network.

However, these strategies do face an inherent ‘Catch 22’ between the differing philosophies around the design of mission critical industrial control systems and the needs of defensive cyber security. The key driver for industrial control systems is operational availability and integrity; the designs are kept as simple as possible, and are kept frozen for as long as possible in order to maintain reliability. However, an effective cyber defence needs to maintain pace with a rapidly evolving adversary. It therefore needs frequent upgrades and adaption. This ‘Catch 22’ needs to be addressed in order to maintain an effective defensive posture without inherently destabalising production in its own right.

A new solution is needed to effectively mitigate the vulnerabilities of having a converged IT network by using cutting-edge technology to ensure the security of industrial control systems. This is what guided BAE Systems Detica’s military grade solution, IndustrialProtect, which provides the necessary security controls in a single appliance. It delivers security enforcement, whilst also enabling the business to maintain efficiency through secure information sharing and connectivity.

The solution works by verifying the identity of the individual or system sending information, that the information is received is as it was sent and also that the content is intended and appropriate for the receiving system. It is designed to work within existing network infrastructure without the need to modify either the industrial control system or the corporate network. Modifications to maintain pace with the cyber attacker are implemented in the IndustrialProtect solution, precluding the need to modify the plant itself. Critical systems are thereby protected from access, manipulation and control by those intending to carry out harm through disruption and sabotage.

Cyber crime is a growing threat for the oil and gas industry with the potential for devastating effects as the types of attack shift from espionage to sabotage. However, these threats can be minimised with an effective cyber defence strategy which, when implemented as part of a wider business risk management strategy, can help reveal what parts of the business are most vulnerable and enable investment in security solutions to be channelled effectively.

Adapted by David Bizley

Read the article online at: https://www.oilfieldtechnology.com/exploration/06122013/keeping_production_safe_in_cyberspace/

You might also like

 
 

Embed article link: (copy the HTML code below):


 

This article has been tagged under the following:

Oil & gas news