Home / COMMENT / Comment: ICS Analysis: Critical concerns

Comment: ICS Analysis: Critical concerns

by Guest on Jan 3, 2018

Doug Wylie, director of SANS Institutes Industrials & Infrastructure Practice Area.
Doug Wylie, director of SANS Institutes Industrials & Infrastructure Practice Area.

Cyber security breaches have rarely been out of the news in recent years and organisations of all sizes, across all industries and sectors, are falling victim. The threat is nowhere more apparent however, than in sectors such as oil and gas, and critical infrastructure that are reliant on industrial control systems (ICS) to maintain the smooth running of their operations.

A recent SANS report found that four out of 10 ICS practitioners lack adequate visibility into their networks to monitor assets and operations and to identify potential threats. This leaves them at risk of being unable to recognise and defend against cyber-attacks, putting critical infrastructure at risk.

Oil and gas: cyber security of critical concern

Cyber security is a critical area for concern within the oil and gas industry, where the range of potential threats is far wider and carries far more severe consequences than in other key industries. Disruption, damage and destruction from digital attacks have all emerged as real-world consequences the industry must now combat.

While not necessarily seen as a ‘cool high-tech’ industry, oil and gas remain absolutely pivotal to the functioning of the world we live in. These industries enable and support the infrastructure of society and worldwide economy so we have to ask the question, why are they so difficult to protect and therefore vulnerable to attack from cyber criminals?

According to the Repository of Industrial Security Incidents (RISI), cyber attacks against oil and gas organisations in the Middle East make up more than half of the recorded instances, in comparison to under 30% in the US and other Western countries. The Ponemon Institute reports that almost 68% of oil and gas companies worldwide were affected by at least one significant cyber incident in 2016, with many attacks assumed to be undetected, miscategorised or unpublished.

There is therefore no doubt that the oil and gas sector is a target. High-profile attacks in the Middle East include the massive cyber-attack in 2012 against Saudi Aramco, which either partially wiped out or totally destroyed data on 35,000 computers. This was followed three years later by an attack on Sadara, a chemical company owned by Aramco and Dow Chemical (DOW).  As recently as June 2017, companies across the industry and around the world including Russian oil and gas giant Rosneft were combatting a ransomware outbreak that physically and financially impacted operations- Rosneft’s public statement said they “avoided ‘serious consequences’ by switching to a backup system, but others were not nearly as fortunate.

While global spend in the oil and gas industry is expected to continue to decline, Middle East producers are looking to maintain spending in order to meet production targets. Saudi Aramco for example, plans to spend $334bn across the oil and gas chain by 2025, while Kuwait is expected to spend $115bn on energy projects over the next five years to help boost crude production capacity to four million barrels a day by 2020. The various control systems that will enable this efficiency and productivity are digital, networked, interconnected and in most cases, remotely accessible for monitoring, maintenance and even control. It is clear that the sector must therefore keep a close eye on the future to effectively protect itself from cyber-attacks.

The pros and cons of progress

Developments in technology and connectivity in the oil and gas arena have been instrumental in driving greater productivity, efficiency and revenues within industries such as oil and gas. Today, an industrial control system (ICS) that uses specialised industrial-grade hardware and software to monitor and control devices and machinery, sits at the heart of all operations and may be a nearly immutable single point of failure (SPOF) in the complex upstream, midstream, and downstream operations. But such advances have also increased the risk and introduced a myriad of new scenarios that can disrupt production and processes, impact safety and bring financial consequences. The adoption of cloud-based IT solutions, the widespread introduction of insecure connected devices into networks, and the increasing reliance on digital technology for operations and expanded connectivity mean that many systems are far more vulnerable to attack than they once were. 

In an ordinary business environment, a cyber breach of business IT systems can compromise data and revenues may be affected as a result. However, the potential damage can be far more severe when an attacker targets an organisation reliant on industrial control systems, such as oil and gas where digital and physical processes must necessarily converge.

SANS report explores cyber risks and threats

SANS Institute’s Securing Industrial Control Systems 2017 report explored how hundreds of ICS security practitioners worldwide are combatting cyber security risks and threats. These are the people responsible for identifying risks, protecting control systems and networks from malicious and accidental activity and recovering systems if and when things go wrong. The report shed light on the concerns of ICS practitioners, as well as their views regarding the most prevalent cyber security threats today.


Please click here to comment on this article


Name *
Email *
Subject: *
Comments: *


ArabianOilandGas Awards
Utilities middle east
Construction Week Online Middle East
Hotelier Middle East
Arabian Supply Chain Middle East