As North America's oil and gas industry is struggling with market and infrastructure issues, there is another threat to the industry that has been causing concern over the past few months — cyber attacks.
About 10 months ago, the U.S. Department of Homeland Security issued three separate alerts over attacks targeting both U.S. and Canadian natural gas pipeline companies. In September 2012 a major pipeline operator, managing more than half of all pipelines available in the Western hemisphere, reported a cyber attack that broke through its security system and its internal firewall. As instances of cyber attacks increase in frequency, Canadian energy companies and oil and gas businesses are starting to take the risk seriously and prepare for a response.
According to Travis Davies, a spokesman for the Canadian Association of Petroleum Producers (CAPP), hackers from various groups have been targeting the energy industry in the hope of stealing intellectual property and services, to commit fraud or just to disrupt business. Many businesses are now taking steps to prevent or counteract attacks by appointing specialized cyber security staff. The CAPP itself has a cyber security working group which consists of personnel from different member companies and where best practices and details on non-competitive intelligence can be shared and discussed, Davies added.
The biggest threat is believed to be coming from Chinese hackers, who have been the prime suspects in cyber espionage for years. The Chinese government is known to put a lot of emphasis on cyberspace as a key domain to balance the powers of China and other countries and it is a well known fact that China is unrivaled in its cyber watching activities, Dr. Ron Deibert, director of the Canada Centre for Global Security Studies at the University of Toronto, told the Financial Post.
In one of the worst cyber attacks, Telvent, a global provider of IT systems for pipeline, energy utility, agriculture and other industries, had malicious software installed on its company machines and important project files stolen. The company has reassured its clients that the problem has been resolved and all malware files have been eliminated. In a statement, Telvent also claimed that the company was cooperating with law enforcement, security specialists and with all affected customers to make sure that the consequences of the attack are fully dealt with.
The problem is not isolated in Canada; energy companies in the United States have also been targeted. Ulf Lindqvist, head of research and development at California-based research institute SRI International, explained that the energy sector will have to be ready for cyber attacks as they are likely to increase. Even if cyber attacks do not leave anyone physically hurt, they are a serious threat to companies and can have grave implications for business. The energy industry does not make security a priority and is not experienced in the field and that is why more cooperation between oil and gas companies and cyber security specialists is needed, he concluded.