Energy companies at constant risk of cyberattack

Nation-states, terror groups and organized crime circles can shutdown pumping stations with something as basic as a laptop computer with an Internet connection. (File/Shutterstock)
Updated 08 October 2019

Energy companies at constant risk of cyberattack

  • Saudi Arabia is “getting ready fast” in ensuring it has the sufficient security measures to respond to such threats.
  • Big oil and gas companies in the region receive threats every second

DUBAI: The region’s top tier oil and gas companies are at risk of cyberattack at a rate of up to one every second, an industry expert said.

The drone attacks on the Aramco facilities in Saudi Arabia on Sept. 14 are well documented, but Marcus Josefsson, director for Middle East, Africa and Russia at Nozomi Networks, said cyber criminals were always lurking in the background.

Nation-states, terror groups and organized crime circles can shutdown pumping stations with something as basic as a laptop computer with an Internet connection.

“There is one threat every second — or every couple of seconds — but the real question is how many of them are successful,” he said.

Josefsson’s employer, Nozomi Networks, is a cybersecurity company that works on ensuring industrial control systems are secure.

“We’ve seen them many times in this region before. There’s a specific malware that gets into these systems, and then they can target the centrifuge or they can target the pumps, the valves, and just break things down completely,” he told Arab News on the sidelines of GITEX Technology Week.

In 2012, 30,000 computers were hacked in Aramco facilities, but oil production was not affected.

Josefsson said often the attacks come from “people who are in it for the money.”

“One thinks now that organized crime has almost the same turnover as the cybersecurity industry, if not bigger.”

But countries “definitely play a big part to it,” Josefsson said. “Imagine you are a nation-state — you have a number of friends and enemies, no matter what. You have spies and intelligence gathering so when something goes wrong, you want to be able to deploy and do something quickly. That’s exactly what goes on in oil and gas companies, airports — all these critical national infrastructures,” he said.

Josefsson said attackers are always lurking in these important systems, “scanning, finding out information” for when an attack is called for.

“If there were a red alert at some point, if it escalated between two countries, they would want to be able to play that card — to take out an oil rig, to take out a pipeline, most importantly to take out electricity or water,” he added.

Although the amount of “internal and external threats towards these oil and gas companies is staggering,” Josefsson said that the success rate is very low, and that the region is “catching up very quickly” in improving its cyber capabilities.

He said the region has worked over the years to improve the security of information technology (IT) – this involves network firewalls and anti-viruses. However, there’s still a need “to do a lot more” in securing operational technology (OT), a collective term that refers to computer-run machines including oil pipelines, power grids, and railway systems.

He added the problem with existing OT is that it was not built with cybersecurity in mind.

“These systems were built 20 years ago — for uptime purposes, safety of personnel, pumping as much oil as possible, that’s how it was built. The same holds for things like the electrical grid system — cybersecurity wasn’t even there,” Josefsson said.

He noted how Saudi Arabia is “getting ready fast” in ensuring it has the sufficient security measures to respond to such threats.

“They have a good plan in place. The Kingdom is mobilizing quickly. They are taking all the right steps, and I don’t see any other country moving as fast as Saudi Arabia at the moment. Saudi Arabia takes it seriously,” he said.

He emphasized how “securing critical national infrastructure is arguably more important here than it is in Sweden or in the UK. Take Aramco for instance, it’s such a massive part of the economy.”

In 2018 alone, Nozomi Networks, which has an office in Dammam and has worked with big oil and gas, utilities, and mining companies, recorded a customer growth of 500 percent in the region, according to Jossefson, who is predicting a whopping 1000 percent increase this year, in light of the recent attacks.

“They are a hundred percent aware,” he said. “Especially after the things that happened very recently, it became even more topical.”

Although "99 percent (of the threats) are very basic," Josefsson said: “It’s the one percent that organizations need to look out for.”

“Attackers only need to be lucky once.”


UK retailer Debenhams goes into the red again

Updated 10 April 2020

UK retailer Debenhams goes into the red again

  • Debenhams’ 142 UK stores are closed with Britain in coronavirus lockdown

LONDON: British department store group Debenhams went into administration for the second time in 12 months on Thursday, seeking to protect itself from legal action by creditors during the coronavirus crisis that could have pushed it into liquidation.

With Britain in lockdown during the pandemic, Debenhams’ 142 UK stores are closed, while the majority of its 22,000 workers are being paid under the government’s furlough scheme. It continues to trade online.

The retailer went into administration for a first time in April last year, wiping out equity investors including Mike Ashley’s Sports Direct, and is now owned by a lenders consortium called Celine UK NewCo. 

Debenhams said administrators from FRP Advisory would work with the existing management team to get the UK business into a position to re-open and trade from as many stores as possible when restrictions are lifted by the government.

Chief Executive Stefaan Vansteenkiste said that he anticipated the firm’s owners and lenders would make additional funding available to fund the administration period.

However, the group’s business in Ireland looks doomed.

Debenhams said that it expected administrators to appoint a liquidator to the 11-store Irish operation, which employs 2,000.

The moves makes Debenhams the first major retail casualty of the health crisis in Ireland, where the government, as in the UK, has closed all non-essential shops.

Ireland on Monday reported a trebling of its unemployment rate to 16.5 percent with a further surge expected later in the month.

“We are desperately sorry not to be able to keep the Irish business operating but are faced with no alternative option in the current environment,” said Vansteenkiste.