Report: the development of cyber security in the oil and gas industry in the Middle East is lagging behind

gas industry

According to Siemens and Ponemon study found that in the past 12 months, nearly 3/4 of the Middle East oil and gas industry organizations have experienced safety hazards, leading to the loss of their confidential data or operating technology (OT). The research report points out that the oil and natural gas industry accounts for half of all cyber attacks in the Middle East. Given the importance of the economy in the Middle East, these industries are facing more immediate risks.

OT research includes systems for monitoring and controlling physical equipment and industrial processes. It is increasingly linked to IT networks. However, because of this, IT/OT integration is opening up new ways for cyber attacks.

Of the respondents surveyed, the majority (60%) believe that their organizations face greater risks in the OT than in the IT environment. Because research shows that 30% of the target in the Middle East is targeted at OTInsiders have been found to be the main source of OT security threats. For example, some careless people are more threatening than malicious actors.

The report pointed out that these organizations have begun to take key measures to counter the increasingly widespread cyber attacks, including establishing a dedicated OT security team, working with OT security experts, using security analysis, and introducing sophisticated monitoring tools.

Interestingly, however, their budget for OT cyber defenses is not synchronized with the threat: Research finds that oil and gas organizations in the Middle East spend only one-third of their cyber security budget to strengthen the OT environment, their total network security budget, including IT and OT, are lower than their global peers.

The following are the attacks on oil and gas organizations in the Middle East:

In 2012, Saudi Oil, the world’s largest oil company, suffered major damage after infecting 35,000 computers.

The oil and gas sector in the Arabian Gulf only incurred financial losses of 1 billion euros last year because of the attacks.

In August 2017, the attacker used OT-specific malware Trisis or Triton to attack the security system of an oil and gas plant in Saudi Arabia, causing the facility to stop operating.

Source, Image: welivesecurity