The oil industry is one of the most affected by cyberattacks. Second only to government entities, oil companies are one of the favorite targets of hackers.
In recent studies, it has been shown that almost 50% of global oil, gas and energy companies have suffered cyber attacks at least once in recent years. Even so, and being one of the most affected sectors, not many companies invest in computer security, or do so when they have already been victims of a crime. The trend indicates that the figures will continue to grow and 2020 has been one of the most “fruitful” years for hackers, who have taken advantage of all the contingency generated by the pandemic to attack millions of companies, the oil industry being one of their favorites.
Index
- Why the oil industry?
- The numbers
- How to protect the information?
Why the oil industry?
Oil companies have a high percentage of investment in physical security, electric fences, surveillance cameras and personnel; however, cybersecurity does not receive the same attention it should and that is why it is the ideal niche for hackers.
The service industry offers many options for a cybercriminal that can be quite dangerous for the greater good. Commonly, the attacks are carried out for economic purposes seeking to demand ransom for confidential information, but there have been cases in which the purposes are political or commercial, with the aim of manipulating investment trends in the economy. However, the consequences could be extremely serious as hackers could even cause damage and oil spills that would be disastrous for the community.
The form most used by cybercriminals is phishing, where the pirate impersonates the identity of a natural or legal person in order to generate contacts with the different oil companies, once there is a relationship, the hacker can send files by mail emails or text messages that contain information that at first glance seems true and reliable, but that in turn carry malware or spyware that is installed on the victim’s cell phones and computers. After this, the program starts stealing confidential information, credentials and taking silent screenshots or encrypting all information for ransom. In some cases, it also has the ability to detect keystrokes, easily deciphering what is written and the information that circulates within the organization. Not content with this, cybercriminals could go even further. By obtaining passwords, credentials and private data, it would not be a problem to access all communications or control of electronic devices, putting the entire company and people’s safety at risk. Some of the most famous attacks on this industry date back 4 or 5 years, with the famous “Operation Petroleum” commanded by Anonymys hackers or the “Sandworm” attack led by Russian hackers who sought to infiltrate North American oil facilities to control them. . By obtaining passwords, credentials and private data, it would not be a problem to access all communications or control of electronic devices, putting the entire company and people’s safety at risk. Some of the most famous attacks on this industry date back 4 or 5 years, with the famous “Operation Petroleum” commanded by Anonymys hackers or the “Sandworm” attack led by Russian hackers who sought to infiltrate North American oil facilities to control them. . By obtaining passwords, credentials and private data, it would not be a problem to access all communications or control of electronic devices, putting the entire company and people’s safety at risk. Some of the most famous attacks on this industry date back 4 or 5 years, with the famous “Operation Petroleum” commanded by Anonymys hackers or the “Sandworm” attack led by Russian hackers who sought to infiltrate North American oil facilities to control them. .
It may interest you: The importance of encryption in organizations
The numbers
Attacks against the oil sector have been growing rapidly. In recent years, the average loss due to damage to equipment, rescue of information and others related to computer crimes, was around 13 million dollars per year. This figure is expected to grow considerably this year given the global situation that has the entire oil industry on alert due to the constant attacks by hackers.
Álvaro Cárdenas, professor of computer science at the University of Texas and member of the Cybersecurity Education Institute, alluded to the seriousness of oil companies not investing in cybersecurity, “Blackouts or oil spills can be generated and harm many people”.
This is why it is extremely important that oil companies consider investing in computer security. According to Accenture, a survey conducted in 2019 revealed that oil companies are already more aware of risk and have increased their investment by almost 49% compared to 2017. “Accenture Upstream Oil and Gas Digital Trends Survey 2019” . However, much remains to be done to mitigate the impact of cybercriminals in this sector.
An excellent option to start protecting all the company’s data and privacy is encrypted phones . Mobile devices with state-of-the-art military technology that will keep all the information that goes out and enters the device encrypted and safe, making it possible to circulate communication within the company in a 100% secure way.
For companies that want to start with something more affordable, the ideal would be to think about replacing Sim cards with encrypted Sims that keep communication secure and are proof against cybercriminals. There are also encrypted messaging applications that will provide a higher level of protection and greater confidence.
At encriptados.io we have all the solutions for your company. You will be able to find the best brands of encrypted cell phones and encrypted applications in the world, as well as our Encrypted Sim that is a guarantee of security and anonymity.
Protect your information and give your company the security and confidence they need.
How to protect the information?
The oil, energy and mining sectors must think about and invest in cybersecurity as new technologies are incorporated that transform the business towards a more sustainable model. Connecting and being part of a global, digital and technological world must go hand in hand with increased protection of information and assets, bringing with it prestige, reputation and reliability.