32 cyber attacks leave oil sector vulnerable
The global oil and gas sector, last year, recorded about 32 cybersecurity attacks, a report published by an organisation, Tenable, has revealed. Among the 29 industries reported during the report, the oil sector falls to number 10 industry that remains highly vulnerable to cybersecurity threats.
The World Economic Forum had noted that the complex systems and technologies being used by the oil sector made it increasingly vulnerable to cyberattacks.
While the WEF had established the Cyber Resilience in Oil and Gas initiative to improve cyber resilience across the oil and gas ecosystem, it noted that cybersecurity remained critical to the sector.
The new report noted that healthcare and social assistance ranked first, with 472 breaches, public administration ranked second, with 162 breaches, and educational services ranked third, with 137 breaches.
The statistics captured by the technology firm consist of recordings captured from November 1, 2021, through October 31, 2022, and include breaches dated within the specified period as well as breaches reported in that timeframe that lacked a breach date.
About1,335 attacks were reportedly tracked by the firm last year, a development which is 26.8 percent less than the 1,825 incidents it tracked during the same period a year earlier.
The report noted: “Based on our past examination of breach data, we recognise that the disclosure process for breaches takes time and, therefore, some breaches may not be made public until months or years after the incident occurs.”
The firm noted that most of the attacks occurred in Europe, the Middle East and Africa.
A senior staff research engineer at Tenable, Satnam Narang had told Rigzone that ransomware attacks were responsible for 39 per cent of attacks against the energy sector in general.
This development, according to Narang, is four percent greater than the global average for ransomware attacks across all sectors.
“As we’ve observed over the last few years, ransomware groups are well-oiled machines, working with partners (known as affiliates) to conduct the attacks, while the groups rely on a variety of staff to manage a variety of business functions, from human resources, marketing to negotiating payment from victims, extorting them for hundreds of thousands to millions of dollars,” Narang said.