Log4j attacks remain a major threat warns Microsoft

According to a new report, more than 1.600 US-owned offshore oil and gas facilities are at "increasing" and "significant" risk of cyberattacks and therefore need to be adequately protected.

The warning from the US Government Accountability Office (GAO) comes in a report submitted to the US Congress, adding that these facilities produce a "significant" amount of oil and country gas.

In writing the report, GAO took a closer look at the facility's network and its operational technologies (OTs) used to operate the equipment installed there.

Ransomware attacks

Apparently, an attack on the OT would trigger a disaster to rival the 2010 failure of Deepwater Horizon's blowout preventer. At the time, the offshore drilling rig had its OT crippled, leading to an explosion and sinking. A total of 11 people lost their lives and some were seriously injured. In addition, the United States had to deal with the largest marine oil spill in its history.

But the Deepwater Horizon incident is not the only event the GAO is referring to. Colonial Pipeline ransomware, which occurred last year, disrupted the delivery of gas and gas products in much of the southeast of the country. Furthermore, the company was forced to pay €5 million in ransom demands just to get the system up and running again.

Lee mas

> What IT security teams can learn from the Colonial Pipeline ransomware attack

> Colonial Pipeline paid €5 million ransom to hackers

> These are the best malware removal tools right now

In addition to local incidents, the report also mentions (albeit tentatively) events around the world, which should be watched closely. Russia's invasion of the Ukraine has disrupted gas distribution, and with Russia being one of the largest exporters of natural gas to Europe, the Old Continent now faces major price shocks. Russian pirates are also busy, especially since February of this year. According to the GAO, cybercriminals, especially state-sponsored groups, are well equipped to attack power companies and similar service providers.

Turning a blind eye to these facilities creates a "significant liability," the report concludes. Instead, the US government should focus on developing a cybersecurity strategy for its oil and gas structures, which would include risk assessment, performance metrics, effort coordination, and resource assessment.

  • Check out the best endpoint protection services now

Via: The Registry

Share This