How Cyberattacks Shut Down Pipelines and How to Improve Security

Digital transformation has enabled the oil and gas industry to boost productivity, increase efficiency and reduce costs. Unfortunately, it has also increased the possibility of cyberattacks with the potential for creating global chaos.

Pipeline Security

The benefits and risks all flow from the increased integration of operational technology (OT) and information technology (IT) networks. The convergence of physical and digital systems supports the automation of critical processes and enhances data collection and analysis. Yet, it also exposes the systems to all manner of threats.

Once malware infects an Internet-connected IT network, it can make the hop onto the OT network of industrial control systems. Data-encrypting ransomware or data-wiping malware variants can obscure all operational data, making it impossible for operators to monitor or control pipeline transmissions.

The 2021 Colonial Pipeline ransomware attack brought the risk into the public eye. Attackers breached the company’s IT network through an email-borne phishing attack and encrypted billing records and other key data. The company shut down the pipeline to prevent the ransomware from spreading to its OT systems. The six-day shutdown interrupted the flow of petroleum products between Texas and the East Coast, drove gas prices to their highest levels in years and led President Biden to declare a state of emergency.

Threats Increasing

It was not an isolated incident. More than two-thirds of oil and gas companies have experienced at least one cyberattack, according to a Ponemon Institute survey. The increase mirrors the rise of converged IT/OT systems. For decades, critical operational technologies such as flow meters, pressure sensors, temperature controls, level sensors and other instrumentation were functionally separated from IT systems. They weren’t designed with most IT cybersecurity protections because they weren’t intended to connect to public networks such as the Internet.

Digital transformation has upended that model by connecting machines, sensors, systems and networks. According to a Deloitte report, a typical large-scale oil and gas company now has thousands of connected control systems spread across large geographic areas, with hundreds of thousands of processors generating and transmitting petabytes of sensitive field data.

To address the growing risk, the Government Accountability Office (GAO) recommends replacing or upgrading legacy OT infrastructure. Many legacy devices rely on unsupported operating systems that no longer receive software security patches to address vulnerabilities. In addition, they often lack the ability to log commands sent to the devices, which makes it difficult to detect malicious activity.

Recommended Actions

  1. Conduct an audit of all network and infrastructure devices to identify any that might be vulnerable, how they might be exploited and how that might affect the organization’s security posture. Consider working with a security specialist to conduct regular vulnerability assessments and penetration testing to ensure continuous analysis.
  2. Install data diodes between the OT and IT environments. These hardware devices are placed between two networks to ensure information can only travel in one direction. This allows network telemetry data and communications to travel out from the OT infrastructure but not back in, preventing malware from making the hop from IT to OT systems.
  3. Implement end-to-end encryption along with strict authentication and access control processes for all systems.
  4. Segment networks into isolated parts with unique security controls for each segment. This prevents malware infections from spreading throughout the entire network.
  5. Create air-gapped and immutable backups that can’t be altered or deleted to ensure access to data in the event of an attack.
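As an added illustration of steps 2 and 4 (not code from GDS or from any product named in this article), the Python sketch below audits flow records against a one-way, segmented policy and reports any connection that enters an OT zone from outside or crosses segments without an explicit allowance. The zone names, subnets, record format and sample flows are all constructed assumptions. A data diode enforces direction in hardware, so a check like this only verifies that observed traffic matches the intended design.

```python
import ipaddress

# Constructed zone map (assumption): subnets are illustrative only.
ZONES = {
    "it": ipaddress.ip_network("10.10.0.0/16"),
    "ot-scada": ipaddress.ip_network("10.50.1.0/24"),
    "ot-field": ipaddress.ip_network("10.50.2.0/24"),
}
# Directed zone pairs the policy permits: telemetry leaves OT, nothing enters from IT.
ALLOWED = {("ot-field", "ot-scada"), ("ot-scada", "it")}

# Constructed flow records, one per line: initiator, responder, destination port.
SAMPLE_FLOWS = """\
10.50.1.20 10.10.4.8 443
10.10.7.33 10.50.1.20 502
10.50.2.14 10.50.1.20 20000
10.50.2.14 10.10.4.8 445
10.10.7.33 10.10.4.8 445
203.0.113.9 10.50.2.14 502
"""

def zone_of(addr):
    """Map an address to its zone name, or 'unknown' if unparsable or unlisted."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "unknown"
    return next((z for z, net in ZONES.items() if ip in net), "unknown")

def audit_flows(text):
    """Return (line_no, src_zone, dst_zone, port, reason) for each policy violation."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if len(parts) != 3 or not parts[2].isdigit():
            continue  # skip malformed records
        sz, dz = zone_of(parts[0]), zone_of(parts[1])
        if (sz == dz and sz != "unknown") or (sz, dz) in ALLOWED:
            continue  # intra-segment or explicitly permitted direction
        inbound = dz.startswith("ot") and not sz.startswith("ot")
        reason = "inbound-to-ot" if inbound else "cross-segment"
        findings.append((n, sz, dz, int(parts[2]), reason))
    return findings

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS):
        print(finding)
```

In this constructed sample, the field device that reaches the IT network directly is flagged because the policy only lets field traffic leave through the SCADA segment.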

GDS has specific expertise in developing, deploying and managing secure connectivity solutions for the energy industry. Contact us for additional recommendations on securing critical oil and gas infrastructure.
