HOUSTON—The oil and gas industry is under cyber attack, for profit or panic, and the need for information sharing has never been greater, according to a security expert speaking at the American Petroleum Institute’s (API) annual conference on Nov. 10.
“These attackers might want your drilling techniques, your merger and acquisition information, or they want to disrupt your production or destroy your critical infrastructure,” said Cindy Donaldson, senior vice president for Financial Services-Information Sharing and Analysis Center (FS-ISAC).
“The need to share among a community is even greater because one organization’s incident can become the industry’s response.”
With API’s assistance, the center recently launched the Oil and Natural Gas Information Sharing and Analysis Center Oil (ONG-ISAC) to combat cyber attacks.
Consider some recent incidents:
- Hackers were able to breach vulnerable IT security networks of some oil and gas companies and get past antivirus programs, according to computer security firm Panda.
- Earlier this year, the U.S. Securities and Exchange Commission unsealed court documents that accuse two men of hacking into two or more newswire services between 2010 and 2014 to steal hundreds of corporate earnings announcements before the newswires released the information publicly. The scheme, allegedly led by two Ukrainians, generated more than $100 million in illegal profits, the SEC said.
The attacks show that security threats are becoming more elaborate and should remain on the radar of oil and gas companies, which have been frequent targets in the past.
Donaldson noted that in Verizon’s 2015 Data Breach Investigation Report the proportion of breaches discovered within days falls well below that of the time to a system’s compromise. In most cases, attackers are able to hack a company’s system within minutes.
But oil and gas companies can help defend themselves against such attacks.
Donaldson said the FS-ISAC is similar to a neighborhood watch program, focusing on sharing information about cyber threats among various sectors. Formed in 1999, the center serves the financial, health care, legal real estate and retail sectors, among others. The center has 18 working groups and more than 6,500 members in 38 countries. They assess more than 1,000 threats monthly.
“No sector is exempt from these attacks,” Donaldson said. In a typical week, attacks included 12 cyber crimes, four hacktivist acts and two espionage cases across multiple sectors.
The center’s new oil and gas industry center, ONG-ISAC, became operational in October. It offers a secure web portal where members can share information on threats, real-time notifications and access to security experts.
Like the FS-ISAC, the oil and gas center utilizes the so-called “traffic light” protocol for information sharing.
“Members have the option of submitting information either anonymously or with attribution,” according to the center’s website. “Only ONG-ISAC members will receive information that is classified as red or amber; non-members will only receive information that is classified as white.”
The service is not free, however; annual membership costs range from $2,000 to $50,000 depending on the company’s annual revenue.
“Everybody is going to be contributing in terms of intelligence as much as possible,” said David Zacher, a consultant for Deloitte. “The bigger companies will be helping out the smaller companies but really we are only as secure as our weakest link. We need to ensure that all aspects of the oil and gas industry remain safe.”
As part of the process, a company submits information about a known threat or vulnerability, and the incident is given a threat level. Threats are analyzed and industry experts provide recommended solutions. Submissions are also sanitized, respecting the confidentiality of each company.
API helped form the center, which aims to attract not only upstream companies, but also midstream and downstream companies as well as industry groups and service and supply companies catering to the oil and natural gas sector.
As the new ONG-ISAC grows, focus will also be on identifying the best cyber security practices in other sectors and within the sectors that are “keeping their neighborhoods safe,” he said.
“It really takes collaboration among all of the oil and gas members. The richer the content that we put in, the better the quality of information we are going to be able to put out,” Zacher said before comparing the group to a neighborhood watch community. “We are forming a neighborhood watch around the oil and gas sector, but we are also collaborating with other neighborhoods.”
Velda Addison can be reached at vaddison@hartenergy.com.
Recommended Reading
Hess: Pre-emption Provision Doesn't Apply to Buyout Deal With Chevron
2024-02-27 - Hess Corp. said on Feb. 27 that a pre-emption provision does not apply to its proposed $53-billion buyout by Chevron Corp. and it remains "fully committed" to the deal.
EQT, Equitrans Midstream to Combine in $5.5B Deal: Reports
2024-03-11 - EQT Corp.'s deal would reunite the natural gas E&P with Equitrans Midstream after the two companies separated in 2018.
Marketed: Anschutz Exploration Corp. WI Opportunity in Converse County, Wyoming
2024-01-26 - Anschutz Exploration Corp. retained EnergyNet for the sale of its WI participation option in Converse County, Wyoming.
Excelerate Energy, Qatar Sign 15-year LNG Agreement
2024-01-29 - Excelerate agreed to purchase up to 1 million tonnes per anumm of LNG in Bangladesh from QatarEnergy.
UK’s Union Jack Oil to Expand into the Permian
2024-01-29 - In addition to its three mineral royalty acquisitions in the Permian, Union Jack Oil is also looking to expand into Oklahoma via joint ventures with Reach Oil & Gas Inc.