Multiple oil transport and storage companies across Europe are dealing with cyber-attacks. IT systems have been disrupted at Oiltanking in Germany, SEA-Invest in Belgium and Evos in the Netherlands. In total dozens of terminals with oil storage and transport around the world have been affected, with firms reporting that the attacks occurred over the weekend.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>Whether or not this latest barrage of cyberattacks is coordinated or opportunistic, the point remains that the tradecraft of today has reached a point of escalation. In the past, breaches were often principally associated with data-loss and, while measurable, the impact to individuals might feel somewhat more abstract. This had the unfortunate side-effect that undiscovered or unpublicised data-loss may not prompt the remediation activities necessary to prevent their reoccurrence. </p>
<p>Today’s impact-based attacks won’t be felt in the abstract – there are very real, very physical consequences that may involve heating, transportation, goods, services, and frankly human well-being. There’s no sweeping them under the rug. Further, in many sectors, protection from these attacks won’t be achieved without serious modernization efforts around how technical risks are managed and mitigated. This is a serious problem, and not one to be solved in a vacuum – private and public partnerships to raise the bar on resilience, awareness, and shared expertise will be necessary to turn the corner.</p>
<p>Critical national infrastructure (CNI) is becoming an increasingly popular target for malicious actors due to the devastating impacts downtime and delays in this sector can have. You only have to look back at last year’s fuel crisis or the attack on US supplier Colonial Pipeline to see this in action. In this attack, the impacts have already spread far further than the three countries where these businesses are based, with the connected nature of the global supply chains resulting in ports in Africa and across Europe more widely also being affected.</p>
<p>With concerns about rising energy prices already adding strain to the sector, thwarting cyber-attacks targeting key infrastructure has never been more critical and the severe consequences of failing to do so are profound. Organisations responsible for the security of our CNI need to ensure that a layered approach to cybersecurity is in place, adopting a defence-in-depth approach that harnesses end-to-end security to address the organisation’s challenges (not least ensuring operational resilience in the face of a cyber-onslaught). Importantly, while defence-in-depth harnesses the power of security technology across all solution areas, it must also be supplemented by investment in both people and process to enable round-the-clock threat protection, detection and response.</p>
<p>This week has seen yet another significant ransomware attack in the <span class=\"il\">oil</span> and gas sector. A worrying pattern is now emerging of cyber-attackers targeting critical infrastructure in order to impede supply chains and cause as much economic disruption as possible. This latest attack should be a further reminder of the ever-increasing frequency, sophistication, and severity of cyber-attack we all face.</p>
<p>Having experienced a very similar cyber-attack in a previous company, I unfortunately know how crippling a ransomware incident like this can be on a company\’s continued ability to trade and the extreme pressure that is heaped onto an executive team to successfully navigate through such a crisis. The importance of all businesses constantly managing their cyber security has never been more apparent.</p>
<p>With both the global tensions impacting the access and availability of oil and gas, we can speculate if these recent attacks on oil suppliers throughout Europe are designed to inflame the existing tensions between some of the countries involved, or if the goal is more traditional profiteering as there has been plenty of media coverage on increasing gas and oil prices. </p>
<p>The challenge most organisations face today is that they use a variety of security tools with different capabilities, all generating volumes of daily alerts. The challenge as both the scope of what\’s digitised grows and the scale and scope of the threats grow, security teams are drowning in security alerts. To combat the growing cyber risks, oil and gas suppliers and all organisations, are realising they need to better identify what their digital crown jewels are and what are the surrounding supply chains to make them function. These have to become the primary focus for any security team. Following this, organisations then have to focus on how they better identify the threats quicker and more accurately. This shift is to a better integrated security ecosystem, that correlates across differing detect and respond capabilities, and uses automation to more quickly identify key risks and threats. Finally, more organisations are getting better at testing their own capabilities and running through fire drills.</p>