Acasă » General Interest » Economics&Markets » Energy companies invest too little in cybersecurity

Energy companies invest too little in cybersecurity


Amid rising threats, including a recent attack on several U.S. power and natural gas suppliers, energy companies are now spending less than 0.2 percent of their revenue on cybersecurity, at least a third less than financial institutions, according to Precision Analytics LLC and The CAP Group LLC, security consultants that work within the industry.

Meanwhile, Symantec Corp. says it’s tracking at least 140 groups of hackers actively targeting the energy industry, up from 87 in 2015. And Symantec is just one of several security firms working with the industry, according to Bloomberg.

“It’s scary,” said Brian Walker, a former head of Marathon Oil Corp.’s global IT and now an independent consultant. Executives making funding decisions “aren’t necessarily millennials who intuitively understand” how cyberthreats reach seemingly disconnected units, he said.

“It’s guys my age that are the problem,” according to Walker, who said he’s in his early 50s. “We’ve been 30-years trained in a world that doesn’t work this way anymore.”

Earlier last month, at least seven pipeline operators from Energy Transfer Partners to TransCanada Corp. said their third-party electronic communications systems were shut down, with five confirming the service disruptions were caused by hacking.

Though the attack didn’t disrupt supply, it served to underscore an ongoing vulnerability to electronic sabotage. It showed how even a minor attack can jump between systems with ripple effects, forcing utilities to warn of billing delays and making it more difficult for analysts and traders to predict a key government report on gas stockpiles.

This “cyber blindspot is a real challenge,” Walker said. “Our fear is that we will play an ostrich and put our head in the sand until something blows up and people get killed or until the lights go out for a month.”

The threat isn’t new, but it is escalating.

In 2012, Saudi Aramco production was locked down during the disk-wiping Shamoon incursion, and the company was hit again by the same group in November 2016, said Bill Wright, director of government affairs and policy counsel for Symantec in Washington. In 2015 and 2016, Ukraine was hit with blackouts by state sponsored groups, a blow to the economy as well the healthy and safety of its citizens.

In the U.S., Symantec has been following another group, nicknamed Dragonfly, that’s been around since at least 2011. Last year, the group became “a lot more aggressive,” with the goal of soliciting information on how energy companies work and figuring out how to maintain stealth access on their systems, according to Wright.

The Federal Bureau of Investigation and the Department of Homeland Security issued a joint technical analysis about a month ago, tying Dragonfly to the Russian government and describing its ability to conduct sabotage, Wright said.

The low levels of spending by the industry comes as it rushed to adapt new ways to produce more product at a lower cost amid and following a historic, three-year rout in oil prices.

Over the last few years, the industry has been quickly adding electronic sensors and other monitoring capabilities to track data from 900,000 oil and gas wells, and 300,000 miles of pipelines. Complex computer algorithms at every level of the industry are constantly adjusting the flows of everything from oil and natural gas to electrical power, with automatic valves in place that can shut down flow at a moment’s notice in the case of an accident with no human action needed.

And all of it is hackable, according to Walker and other experts.

Leave a Reply

Your email address will not be published. Required fields are marked *