Colonial Pipeline fuels a surge in attacks on oil and gas

Looking back at cyberattacks over the last quarter, Colonial Pipe-line easily holds the beacon for the incident that prompted the most concern. Following the incident, the US government stepped up its focus on cyber security, with President Biden introducing new laws around the security of critical national infrastructure and warning the Russian President that the sector should be off-limits when it comes to cyberattacks.

However, based on Obrela’s latest Digital Universe Study, Biden’s warnings are having little effect. Key findings from the April – June 2021 revealed:

• Oil and gas was one of the only industries to consistently see an increase in attacks on its systems, while many other industries actually saw a reduction.
• The industry saw:
  • An 18% increase in attacks on its users and endpoints.
  • A 22% increase in attacks on its cloud environments.
  • A 12% increase in attacks on its IT infrastructure.
  • A 29% increase in attacks on its system/perimeters.
  • A 14% increase in web attacks.
  • A 22% increase in APT/malware attacks.

The well-publicised Colonial Pipeline attack caused fuel shortages across the East Coast of the US, resulting in people missing work and supply chain delays. Finally, the world was seeing what the security industry had been predicting for years – cyberattacks having a physical impact and interfering with people’s daily lives.

Obrela’s latest Digital Universe Study shows that Biden’s warnings are having little effect, with data from the last quarter showing that cyberattacks on oil and gas have significantly increased across the industry’s entire IT estate in the last three months.

Every quarter Obrela releases its Digital Universe Study, which is a roundup of the attacks targeting our customers from the last three months. The study runs a comparison from the same quarter in the previous year to understand how attacker techniques are changing, which industries and continents are facing the most attacks and what within the IT infrastructure is being attacked most frequently.

The data highlights that as the world watched Colonial Pipeline fall to its knees at the hands of ransomware, attacks on the whole oil and gas sector were heating up as cybercriminals across the globe tried to cash in on other pipelines.

The latest victim is Saudi Aramco, the world’s most valuable oil producer, which is currently being held to ransom by cybercriminals for US$50 million following a leak of its data on the dark web. This reinforces the findings of Obrela’s data – attacks on oil and gas are rising and we should expect them to get worse as cybercriminals test the industry’s defences.

“Despite President Biden’s warnings in June that critical national infrastructure should be off-limits, our data reveals that the oil and gas sector is a prime target for cybercriminals today, which has most likely been prompted by the attack on Colonial Pipeline. When Colonial Pipeline publicly admitted to paying the ransom, attackers gained intelligence around how a successful attack on the sector is almost guaranteed to amount in a pay-out. The sector is at a greater risk than ever before and addressing security risks and hardening systems must be the number one priority,” said George Papamargaritis, MSS Director at Obrela.

Read the article online at: https://www.worldpipelines.com/business-news/03082021/colonial-pipeline-fuels-a-surge-in-attacks-on-oil-and-gas/