Cyber crime costs offshore oil and gas companies millions each year in lost business and damaged equipment, a cyber attack on critical infrastructure, such as an oil rig, can result in more than just lost revenue but it can be catastrophic for the environment and have far reaching impacts.
However, cyber security on actual installations is a growing issue in the oil and gas sector, since critical network segments in production sites, which used to be kept isolated, are now increasingly connected to networks.
This is causing growing concerns that cyber attackers targeting an oil or gas installation could cause a disaster.
The industry is generally keen to play down the actual risk of such threats the industry faces many potential threats including from eco-activists, terrorists, opportunists looking to make money and even countries aiming to disrupt another nation’s supply.
There are, of course, many less critical threats the industry faces. These are the focus of a new joint industry project set-up to produce guidelines for protecting oil and gas installations against cyber security threats using the IEC 62443 standard tailored to the oil and gas industry.
These include malware getting into a plant, which is costly to expunge and may result in plant closures, as well as stolen data, which may be commercially sensitive.
Cyber crimes costs energy and utilities companies around $12.8m each year in lost business and damaged equipment.
However, this figure could be much higher, as companies often do not want to make a systems breach public knowledge, thereby essentially highlighting a weakness in their system.