Reports say cyber threats on the rise
Middle East oil and gas industry urged to stay on top of growing cyber security challenges
The Middle East’s oil and gas industry was praised for its recent cyber-security initiatives but urged to maintain vigilant against a rising tide of targeted and fast-changing threats.
“From our interaction with the market, we’ve seen that the Middle East is determined and prepared to set an example on a global scale when it comes to cyber-attacks in the oil and gas industry,” said Diego Arrabal, Vice President, Southern Europe and Middle East, F5 Networks.
“However, while awareness-levels and technological capabilities to cope are at an all-time high, the region’s oil and gas industry needs to be extremely cautious about ever-evolving and increasingly complex risks.”
According to a recent global study by PwC, last year saw a 179% rise in the number of reported cyber-attacks on oil and gas companies, which soared above 6,500 cases.
Frost & Sullivan has also reported that cyber security uptake is expected to surge with the passing of national and international legislation and awareness-raising initiatives and that, ultimately, the issue would emerge as “the highest-priority area for oil and gas companies.”
“The oil and gas industry cyber-attack playbook could include anything from distributed denial of service (DDoS) attacks and phishing/spear-phishing emails to data theft, “zero-day” software assaults, web application exploits, and website defacement,” said Arrabal.
“Depending on the attack, the consequences may include embarrassing reputational hits, disruption of supply, millions of dollars in damage and lost business, or even health and safety incidents if critical equipment fails or is led astray by faulty data," he added.
Against this backdrop, defence tactics like hybrid approaches to DDoS attacks are set to gain increasing traction in the industry. These can provide the resilience and scale of cloud-based solutions with the granularity and always-on capabilities of on—premise solutions.
“Looking ahead, we need to do everything we can to raise industry knowledge of the complexity and nuances of the problems and ensure industry players, governments, as well as software and hardware vendors are all on the same page,” added Arrabal.
“The Middle East can and should play an important role here, sharing lessons learned, raising operational standards and illuminating new ways forward. The tools to defend are readily available, we just need to make sure they are applied correctly and in ways that do not compromise on industry performance or innovation.”