Oil companies fell behind in hardening their computer control systems against cyberattacks after the collapse of crude prices more than 3 years ago, putting security initiatives on hold while state-sponsored hacking groups became more proficient at probing US energy networks, according to cybersecurity experts.
Oil and gas cybersecurity teams faced funding shortfalls for projects to protect networks that run pipelines, drilling rigs, and other oil field operations as energy companies slashed thousands of jobs and cut production, security professionals said in recent interviews and conferences. Meanwhile, the worst of the downturn in early 2016 and some of the deepest cuts to jobs and spending coincided with an intensifying campaign of online attacks on energy networks by hackers backed by the Russian government, according to a recent report by the FBI and Department of Homeland Security.
The hackers almost certainly penetrated the networks, according to government and private cybersecurity specialists, likely with the aim of testing detection capabilities and responses and preparing for a a day when they could launch an attack aimed at shutting down operations or damaging facilities. Attacks that interrupted the flow of power or crude oil or gasoline could disrupt, if not derail, the US economy.
During an oil bust, said Paul Brager Jr., a cybersecurity specialist at Houston oil field services firm Baker Hughes, “projects, capabilities, and needs that aren’t exactly on top of mind go to the bottom of the pile.”
In recent years, federal authorities, and security consultants have warned of the vulnerability of the US energy industry to cyberattacks, pointing to outdated software that hackers can easily crack, a vast network of internet-connected devices that provide avenues to control systems, and lack of monitoring and detection of attempted intrusions. In many cases, specialists said, companies can’t tell if hackers have penetrated their networks or if they are still lurking in their systems.