Cybersecurity

New Cybersecurity Threat Emerges

Cybersecurity firm Dragos has identified a new threat to the oil and gas industry, HEXANE. The company has also released a report assessing the cybersecurity environment in oil and gas.

gettyimages-583960308.jpg

Cybersecurity firm Dragos has identified a new cybersecurity threat to the oil and gas industry. The identification of HEXANE brings the total number of activity groups targeting industrial control systems (ICSs) to nine, five of which Dragos says directly target oil and gas.

HEXANE is included in Dragos’ new report “Global Oil and Gas Cyber Threat Perspective.” The report is designed to provide a snapshot of the threat landscape as of August 2019. That landscape, however, is expected to change in the near future as adversaries and their behaviors evolve.

In addition to detailing the nine activity groups targeting ICSs, Dragos’ report lays out the following key finding:

  • The ICS security risk to global oil and gas is high and increasing, led by numerous intrusions into ICS networks for reconnaissance and research purposes, and adversary use of destructive malware at oil and gas facilities.
  • Oil and gas remains at a high risk for a destructive loss-of-life cyberattack because of its political and economic effects and highly volatile processes. Dragos assesses that state-associated actors will increasingly target oil and gas and related industries to further political, economic, and national security goals.
  • One significant threat includes active supply-chain compromises by activity groups targeting original equipment manufacturers, third-party vendors, and telecommunications providers.
  • Oil and gas entities should understand the behaviors and capabilities of activity groups targeting electric utilities because these adversaries may shift or expand targeting to include additional energy sectors.
  • Cybersecurity visibility in oil and gas operational environments remains severely lacking, allowing intrusions to dwell longer and root-cause analysis after an incident to remain elusive.
  • The complete energy infrastructure of all countries are at risk, and companies and utilities are facing global adversaries. Cyberattacks are an increasing means to project power in the energy domain. Traditional oil, natural gas, electric, and others can no longer be viewed as separate sectors to protect but rather as a single interconnected infrastructure.

Find the report here.