Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.
Oil & Gas / North Sea

UK government warns oil supply chain is ‘espionage target’

Allister Thomas By Allister Thomas
19/09/2018, 7:25 am Updated: 19/09/2018, 7:48 am
Photo of Allister Thomas
BEIS has warned that supply chain firms are an attractive target for hackers

The UK government has warned that oil and gas suppliers are an ‘attractive espionage target’ for hackers.

Oil and Gas UK hosted its first cybersecurity seminar at the AECC today, with Clare Dobson, head of energy cybersecurity at the Department for Business, Energy and Industrial Strategy (BEIS), being keynote speaker.

Delegates were told supply chain firms were particularly at risk from ‘individuals, extremist groups or even hostile states’ as they could be an easy route to acquiring details for various operators they work for.

Ms Dobson used the example of the APT10 espionage group, which in 2016 carried out a global hacking operation of IT firms to acquire information on their customers.

Earlier this year a new EU directive was introduced requiring a baseline security level for oil and gas operators.

However, Ms Dobson said this does not directly cover suppliers, who are an “extremely attractive target”, and BEIS is working to address that wider issue.

She said: “The threat to the energy sector is quite significant and it is not just about looking at the threats to the energy systems themselves that control supply, it’s about looking right through the supply chain and understanding where those vulnerabilities lie.

“I think supply chains, particularly to energy companies, are an extremely attractive target. If you have one supplier that supplies a number of customers, that is extremely attractive to a hacker.

“A hacker only needs to get into one system of companies to get access to the data and credentials of a whole range of companies and we have seen that happen over the last couple of years.”

Ms Dobson added the new legislation should lead to operators setting a higher standard of security for themselves, as well as the suppliers they work with.

“This directive covers a small number of operators but it does put pressure on the rest of the supply chain to act accordingly and I would expect those operators to be asking more prodding questions of their supply chain going forward.

“I think in that context there will be an expectation on some of the large players in the industry but also for the supply chain to up their game a bit.”

Oil and Gas UK said last week that the supply chain is continuing to feel the pressure of the oil downturn.

Alix Thom, the trade body’s skills and employment manager, chaired the event and said Oil and Gas UK is considering setting up a new working group to address the issue of cybersecurity.

She said: “It is something we have been talking about, I have heard from a number of operators have already come together to talk about this.

“As we’ve heard, this is also an issue that’s absolutely pertinent throughout the supply chain and it is a topic that is growing in interest and in importance. It’s certainly a very live topic for us.

“A working group would benefit from the point of view of bringing more people into the discussion, raising awareness of the issue and giving people access to best practice and information.

“Safety is our top priority in the industry so we cannot put a silo around this.”

Recommended for you

Tags