
[ad_1]
Cybersecurity risks to offshore oil and natural gas, such as those from state actors and cybercriminals, are on the rise.

In a new report, the U.S. Government Accountability Office (GAO) says the federal government has identified the oil and gas sector as a target for malicious state actors. Exploration and production (E&P) operations today require reliance on remotely connected operational technologies, and this is vulnerable to cyber attacks.
The potential impacts could “resemble those that occurred at Deepwater Horizon in 2010.” a disaster. Disruptions in oil and gas production or transmission can also affect energy supplies and markets,” the GAO researchers said.
[Shale Daily: Including impactful news and transparent pricing for shale and unconventional plays across the U.S. and Canada, Shale Daily offers a clear snapshot of natural gas supplies for analysts, investors and global LNG buyers. Learn more.]
The 2010 explosion of BP plc’s Macondo deepwater well killed 11 people, destroyed the Deepwater Horizon drilling rig and led to the largest oil spill in US history. An extensive investigation by BP and federal officials found that Macondo’s blowout prevention mechanism had failed and that there were safety lapses.
Although the Department of the Interior’s Bureau of Safety and Environmental Protection (BSEE) has long recognized the need to address cybersecurity risks, little has been done, according to the GAO report. In 2015 and 2020, BSEE launched efforts to address cybersecurity risks, but neither resulted in significant action.
Earlier this year, BSEE hired a cybersecurity expert to lead the new initiative. However, bureau officials said it will be paused until the specialist is adequately briefed on the relevant issues.
“Absent the immediate development and implementation of an appropriate strategy, offshore oil and gas infrastructure will continue to be at significant risk,” the GAO researchers said.
In developing the report, GAO reviewed federal and industry reports on offshore oil and gas cybersecurity risks, and interviewed agency officials with offshore and cybersecurity responsibilities. He also gained the perspective of non-federal stakeholders representing the offshore oil and gas industry.
Last year, Colonial Pipeline Co. servers. were hacked as a prime example of the vulnerability of the energy infrastructure. The attack forced the 5,500-mile pipeline to shut down the main lines of its system, which supplies about 45% of the East Coast’s gasoline, diesel and jet fuel.
Colonial reportedly paid hacker group DarkSide, a ransomware crime group based in Eastern Europe, $5 million in untraceable cryptocurrency for a decryption tool to restore the company’s IT network.
The report states that “GAO makes one recommendation: BSEE should immediately develop and implement a strategy to address risks to offshore infrastructure facilities. Such a strategy should include risk assessment and mitigation; and identify goals, roles, responsibilities, resources and performance measures, among others. We were informed in the email that Interior generally agreed with our findings and recommendation.”
[ad_2]
Source link