Offshore operations appear to be the next big hacking target and the consequences could be significant.
According to a Reuters report, hackers recently shut down a floating rig by inducing a list. Another offshore rig’s computer system was so compromised by malware that it took 19 days to make it seaworthy again. Somali pirates and others gain illegal access to ship’s navigation and location identification devices and to systems control and stationkeeping capabilities on oil and gas facilities. This is beginning to seriously worry the maritime industry.
While the scope of the problem is hard to calculate, the annual Energy Market Review released by global insurance brokers Willis in April found that the industry “may be sitting on an uninsured time bomb.” The Reuters report said that cyber attacks against oil and gas infrastructure will cost energy companies close to $1.9 billion by 2018.
The problem may be growing, but it is not new. In 2009, a 28-year-old California contractor was charged in federal court with sabotaging computer systems on producing oil platforms off Santa Barbara, Calif. He hacked into the shore-to-rig communications network and disabled leak detection functions for the platforms’ export pipelines. Fortunately, although the damage was costly, there were no leaks.
The offshore industry has become increasingly vulnerable to such attacks as it moves to unmanned platforms and mobile drilling and production units that rely on computer control for everything from data transmission to drilling and process control and stationkeeping. Most functions are controlled via wireless or fiber optic links to onshore control facilities. Also, a number of facilities still rely on old software, written in an era when the ‘open source’ tag was more important than security, a report in Foreign Policy magazine said.
Solutions to offshore hacking threats are being quietly sought by industry.