The downstream oil and gas industry is an important component of the global economy. There is no denying that the digitalization of operations has created significant opportunities to increase productivity, reduce costs, and increase profitability. The challenge, however, is that connecting operations to the enterprise exposes organizations to numerous cybersecurity risks.
The increased use of automation and remote monitoring increases the attack surface and requires appropriate security measures to be taken to ensure uptime.
Sustaining operations is critical to the success of oil and gas companies, especially those in the downstream sector. The risk of downtime extends beyond maintenance issues, making them highly vulnerable to cyber-attacks. According to a recent study, the oil and gas industry was the fifth most targeted industry for ransomware alone. The increased security measures currently required may identify cybersecurity risks that increase the need for downtime until the issue is resolved in a secure manner. But once you understand this growing risk, there are ways to reduce it.
Vulnerabilities in operational technology
Operational technology (OT) refers to hardware and software systems used to monitor and control industrial processes. These systems are widely used in the downstream oil and gas industry to manage everything from pipeline flow rates to refinery temperatures. Infrastructures are often distributed and include remote stations and legacy technologies with different functions that are integrated into the IT infrastructure.
A major challenge lies in the historical development of OT systems, which predate the Internet. By nature, these systems are designed to operate independently and often lack basic security features such as encryption and authentication. This vulnerability arises from the fact that many OT systems were originally designed with serial-based connections, which were later replaced with IP-based connections. While this transition was an important step to help carriers close the capability gap between these two areas and increase situational awareness, the increased use of technology has also contributed to the sector's growing There's also a certain irony in being both the cause and the solution to vulnerability. Visibility does not always lead to detection, and detection does not always lead to appropriate response.
Therefore, while this transition has increased automation and efficiency, it has created new vulnerabilities that are not fully understood by many businesses. If left unchecked, this could have a serious impact on the industry. Additionally, because these systems play a critical role in maintaining the seamless operation of oil and gas facilities, their complex nature complicates the implementation of updates and patches. The reluctance to implement changes is due to the potential financial impact of downtime. For example, human machine interfaces (HMIs) linked to remote terminal units (RTUs), especially those that affect pipeline volumetric measurements, are considered to be among the most vulnerable. HMIs and RTUs were designed with a focus on functionality rather than robust cybersecurity measures. While the transition from serial-based to IP-based connections has increased automation, it has also introduced new vulnerabilities that were not fully understood in the original design. Given that these interfaces directly impact the flow rate and operation of critical infrastructure such as pipelines, any compromise of their security poses a significant risk and could lead to operational disruption and environmental impact. There is a gender.
This article was originally published in the April 2024 issue of the magazine. hydrocarbon engineering magazine. To read the full article, please sign in or subscribe for a free subscription.
Written by Paul Evans, Nozomi Networks
