SUCCESSFUL CYBERATTACKS against the petroleum industry have been steadily increasing in frequency and complexity throughout the past decade. A recent ICS-CERT report for the US Department of Homeland Security indicates the energy sector had 46 cyber-incidents in 2015, making it the second-largest target for critical infrastructure attacks. Spear phishing, a method cyber-criminals use to retrieve personal information, and network scanning are the most common methods of attack. In 2012, the Shamoon malware cyber-attack on Saudi Aramco was responsible for overwriting the hard drives of as many as 30,000 workstations of Saudi Aramco and RasGas. Although unsuccessful, the attack was aimed at stopping oil and gas production in Saudi Arabia and prevent the flow of resources to international markets. While an attack this notable has not hit the US to date, industry professionals should be aware of the very real cyber-threats that could bring down the more than 2.3 million miles of pipeline in the US as well as their business operations and livelihood.
展开▼