Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.
Oil & Gas

Energy firms could be targeted by “crippling” cyber-attack within two years

By Allister Thomas
23/01/2018, 10:45 am Updated: 23/01/2018, 11:00 am
Cyber security

Oil and Gas companies in charge of critical infrastructure in the UK could be targeted by a “crippling” cyber-attack within the next two years, according to a security chief.

In an interview with the Guardian, the head of the National Cyber Security Centre Ciaran Martin said the UK has been fortunate to avoid a category one (C1) attack, and it is a matter of “when, not if” such an incident occurs.

A C1 attack is one that might cripple key infrastructure such as energy supplies.

Kevin Bocek, chief cyber-security strategist at Venafi, echoed Mr Martin’s comments.

“It’s only a matter of time until the UK suffers a crippling attack. Adversaries have already tried to manipulate elections and target critical infrastructure in Europe and US.

“Escalation of hostilities – whether criminal or by nations – is one of the most basic rules of human history.  Much of the reason the UK is so vulnerable is that many organisations – both in the public and private sectors – are simply bad at doing the basics right.

“With security teams being pulled from pillar to post by constant attacks, they don’t have the time to take care of a number of key precaution.

“It’s precisely these oversights which can let attackers in.”

An increased rate of attacks brought the issue to the fore last year, when consultants Deloitte published research showing oil and gas companies are particularly prone to cyber security risks.

Mr Bocek added that the defences most organisations have in place are useless against this new set of attacks involving machines and encryptions.

“Last year around 40% of attacks came through encrypted traffic, a figure that would be unthinkable if organisations had a proper grip of what machines encrypting communications should be trusted or not.

“It’s these failures to sort out cyber-security basics which make Martin’s prediction of a C1 level attack within the next 2 years all the more likely to come true.

“What’s more, given that many of these issues can be automated, fixing the problem doesn’t even involve taking analysts away from tackling live threats.

“Martin’s warning should be a reminder for all organisations, particularly those responsible for our critical infrastructure, to get a handle on these processes immediately – otherwise they are simply laying out the red carpet for those who want to do us harm.”

Recommended for you

Tags