Virtual Threats to Real Oil
This summer, a group known as the “Cutting Sword of Justice” slashed its way across world headlines with bold attacks on oil and gas industry. But what makes the series attacks noteworthy is not that they were successfully planned and carried out, it’s how they happened: in cyberspace. Brazen cyber-attacks were carried out against Saudi Aramco, the world’s largest oil company. In a statement posted on Pastebin the group linked their attack to Saudi interference in politics in Bahrain and Syria. However, the “Cutting Sword of Justice” did more than just steal files and infect some 30,000 computers. The attack showed that oil companies must begin to take cyber-attacks more seriously.
Those who follow geopolitics of the Middle East must consider a somber fact. The internet is an important choke point for today’s hydrocarbon industry. A large-scale attack, even if only superficially successful, could cause a significant spike in oil prices. A refinery brought offline due to a cyber-attack is still a refinery brought offline. Unlike more traditional forms of disruption and destruction, shutting down the Strait of Hormuz or carrying out a terrorist attack, say, a cyber-attack would allow Iran or another actor to carry out its aims behind a veil of plausible deniability.
The attack on Aramco follows a similar attack on RasGas, one of Qatar’s two state owned natural gas exporters. Indeed, a virus labeled “Shamoon” has launched a variety of attacks on the global energy industry in recent months.
What makes them particularly frustrating is the fact that, just months ago, the industry received a very high-profile warning about just this sort of threat. In December 2011, the World Petroleum Congress was held in Qatar. It was the first time a Muslim or Arab country had hosted the event. Held every four years, the conference is the premiere event of the global oil industry. It was at this prestigious venue that Ludolf Luehmann, an IT manager for Shell, warned the industry that cyber-attacks could cost lives and cause “huge, huge damage.”
Before the rise of the IT sector in the last two decades, the world’s oil industry took pride in being perhaps the world’s most cutting edge industry. But two factors have made the oil industry increasingly vulnerable to cyber-attacks in recent years. New technologies introduced during the last decade make it possible for data generated on noisy oil rigs to be shared in real time on computer screens in Houston’s corporate offices to monitor oil production and safety conditions.
Oil companies in the Gulf have mainly succeeded in protecting the physical infrastructure of the oil and gas business. Major security companies like G4S often employ more personnel than the military forces of some of the Gulf countries and protect drilling platforms, pipelines, refineries, and transport infrastructure. Ground and aerial radar systems now protect many facilities as well. The challenge will be to ensure equal protection with regard to cyber-threats.
The recent cyber-attacks in the Middle East should force oil companies around the globe to adjust their security protocols. They must not only pursue cutting-edge solutions to traditional threats but also evaluate how recent technological developments have exposed new risks in the global oil supply chain. Khalid al-Falih, the CEO of Saudi Aramco, struck the right tone in a recent comment: “This was not the first, nor will it be the last, illegal attempt to intrude into our systems.”
Following the attack, another post appeared on Pastebin. It shows the alleged email and password of al-Falih. Apparently, the lesson about cyber attacks must be learned the hard way.
