Attacks and Vulnerabilities
Critical infrastructure
Mining, Oil & Gas
News

WEF weighs in on cyber attacks targeting European energy sector

February 08, 2022
WEF weighs in on cyber attacks targeting European energy sector

The World Economic Forum (WEF) said that the cyberattack on the European oil refining hubs of Amsterdam-Rotterdam-Antwerp (ARA) has considerably disrupted the loading and unloading of refined product cargoes amid a continental energy crisis. Cyber attacks have lately targeted port facilities, oil transport and storage facilities, and more recently, a communications company across Europe. 

“The disruption could see further cascading effects, with potentially larger societal and economic impacts across all European countries. This follows a similar attack on two German firms that led to minor disruption on petrol supplies in northern Germany,” the WEF said in its post. Early reports indicate that a type of ransomware was used in the attacks in Germany. Ransomware attacks grew 150 percent in the past year and can cause considerable damage even in well-supplied and stable markets, it added. 

“The cyber attack on ARA initially appears to compound an already difficult situation for European energy markets,” according to the WEF. “Oil and gas inventories are low and prices are at levels not seen for years. As a result, it will likely increase the level of stress in the system more so than its actual physical impact. Further, these attacks and the disruptions occur in a time of geopolitical crisis, increasing the chances of wider inadvertent political escalation,” it added.

The kinetic impact to society-at-large of having an infrastructure breakdown due to a cyberattack is also highlighted by the incident, WEF added. 

As cyber threats become more sophisticated, the current digital transformation across the industry exposes critical infrastructure and the entire oil and gas supply chain to cyber risks with potential future safety and environmental impacts and disruptions to business operations, WEF added. Protection against these cyber threats is increasingly challenging in the face of growing attack surfaces, the proliferation of offensive cyber capabilities, and shortfalls in international cooperation, it added. 

The WEF has identified three significant trends facing the energy sector, including expansion and convergence of the digital threat landscape between IT and OT (operational technology), with greater connectivity of the critical infrastructure and rapid adoption of emerging technologies to speed up the business model transformation. 

It also cited the rise and complication of supply chain attacks in securing global oil and gas operating environments with the highly interconnected environment of partners, joint ventures, and suppliers where cyber hygiene is siloed, and responsibility shared across diverse priorities. The agency also detected an escalation of cyber-attacks in the industry that threatens business operations and public safety, as stressed by 80 percent of cyber leaders in the WEF’s Cybersecurity Outlook report for 2022.

The WEF said that the “industry should act now to mitigate future disruptions caused by cyber-attacks similar to the ARA incident.” It called for action on cyber resilience by establishing a comprehensive cybersecurity governance model, promoting security and ‘resilience-by-design’ culture, increasing the visibility of third parties’ risk posture, and considering broader ecosystem impact. 

It also called for holistic risk management and ‘defence mechanisms’ with effective preventive, monitoring, response, and recovery capabilities. The WEF also called upon the community to prepare and test a resilience plan based on a list of predefined scenarios to mitigate the impact of an attack, and strengthen international public-private collaboration between all stakeholders in the industry.

The WEF also said that cyber attacks can potentially disrupt critical infrastructures that deliver foundational support to current economies and functional societies, which could also drive government action on the importance of cybersecurity. The agency cited U.S. President Joe Biden’s executive order in May last year that focused on strengthening cybersecurity across the federal government and the critical infrastructure sector, following the Colonial Pipeline ransomware attack. More recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) circulated advance warnings on threats to critical infrastructure environments, with concrete recommendations and suggestions.

The current spate of cyber attacks targeting the energy sector is not the first instance of security gaps exposed by cyber attackers in the critical energy infrastructure sector. Last May, Colonial Pipeline was struck by DarkSide ransomware attackers leading to the shutdown of 5,500 miles of pipeline carrying around 45 percent of fuel supplies along the U.S. East Coast. 

Other recent cyber attacks, including those on a Florida water plant last February, and a SolarWinds software provider in 2020, further emphasize that the success of such attacks depends on the shortcomings of defensive measures. 

“There’s also a clear need to secure legacy systems, inadequately protected due to rapid digitalization and their connection to the internet, despite such connectivity not being envisaged in their original design,” the WEF added.

On Tuesday, there were reports that cyber attacks had struck the communications sector in Europe, with Vodafone Portugal’s mobile, SMS, fixed voice, and TV services brought down on Monday night. The company said a large chunk of its customer data services went offline overnight following ‘a deliberate and malicious cyberattack intended to cause damage and disruption.’

The best way for critical infrastructure to deal with the emerging threat of cyberwar spillover or direct cyberattack by nation-state or cybercrime threat actors is basic cyber hygiene, Daniel Bren, CEO and co-founder of OTORIO, wrote in a company blog post. “Companies need to take a proactive approach – assessing risk by gaining visibility into their networks and understanding exposure, then proactively mitigate those risks.” 

It’s also important to realize that securing the networks that control industry and infrastructure demands a different type of cybersecurity approach, according to Bren. “Both government and industrial/critical infrastructure operators are becoming aware of the need for attack mitigation tools that were designed and built from the ground up for OT ecosystems – with operational processes and business continuity as their number one priority,” he added.

Last August, the WEF proposed a harmonized and streamlined approach to help ensure that essential cybersecurity standards are met in an advancing supply chain ecosystem that exists among industries in the oil and gas sector. The blueprint was to help ensure that third-party risk management becomes a critical part of any organization’s overall risk management strategy.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
MITRE's CREF Navigator aligns with DoD's CMMC to boost cyber resilience in defense industrial base
MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation