APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • CXO Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • Energy
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    Editor's Pick (1 - 4 of 8)
    left
    Greenfield Development: The View from a Renewable Energy Startup

    Paul Liddell, CIO Redback Technologies

    Tata Power: A Case Study on the use of Technological Innovation, Digitization and Data Analytics

    Anil Sardana, CEO, TATA Power

    Power Factor  Efficiency in the Usage of Electricity

    Joe Coco, EGM - New Ventures, Solgen Energy Group

    Utility was Yesterday, Tomorrow is Internet of Electricity!

    Mathias Steck, Vice President, DNV GL

    Balancing Risk Management with Technology in Singapore's Energy Market

    Andrew Koscharsky,

    The Future of Technology in Unconventional Shale Production

    Jeff Foster, President & CEO, MicroSeismic

    An Integrated Grid at the Intersection of IT and OT

    Matt Wakefield, Director of Information, Communication & Cyber Security Research, Electric Power Research Institute

    Smart Energy Solutions for Industries

    Michael Turwitt, CEO & President, 2G Cenergy Power Systems Technologies

    right

    Cyber Threats in Energy Companies

    Eric Eifert, SVP, DarkMatter LLC

    Tweet
    content-image

    Eric Eifert, SVP, DarkMatter LLC

    Cyber security for energy companies within the Middle East is extremely important. For example, the security breach incident at Aramco and RasGas highlighted the fact that oil and gas companies are a target of cyber attacks, which if successful can have a significant negative impact on organisations. The energy sector has the added challenge of needing to provide cyber security across a more diversified environment, which includes industrial control systems, communications systems with remote facilities, sub-contractors/suppliers and its own corporate network.

    Previously, the biggest threat energy companies used to face was the loss of sensitive and proprietary information to competitors. This information could be as simple as a list of customers, to more complex data such as the chemical formula for a gasoline additive or the organisation’s mineral exploration investment strategy. While different areas are of interest to different types of threat actors they generally share a single characteristic; the information is held on corporate servers in headquarters and regional offices. Information loss could be significant, having far-reaching implications for the profitability and reputation of the firms attacked.

    However, such attacks rarely affected the day-to-day operations of the targeted firms; commercial damage is real, but it would unfold over months and years as executives realised their rivals had stolen a competitive advantage on them. It rarely caused processes to be shut down and certainly didn’t involve disruption to supply and production. Threats were best countered by robust information protection measures

    including encryption of data in transit and at rest, and access controls to ensure that information was only disseminated to those who genuinely needed it.

    While traditional threat actors; rivals, criminals and environmental activists persist, today we’re seeing a dangerous trend of energy companies being targeted by state actors with far more ambitious and dangerous intentions. As more systems go online and become interconnected, they can be targeted by a hostile state looking to attack the underpinning infrastructure of the nations in which they operate.

    The malware programme nicknamed Stuxnet (discovered in 2010), for example, targeted computers that controlled centrifuges in a nuclear enrichment programme in country in the Middle East, altering their rotation speeds, causing the centrifuges to tear themselves apart and producing a cascade of second order effects. More recently, Ukraine suffered a multi-tiered attack on its energy facilities. The Ukrainian computer emergency response team (CERT) reported that in total eight facilities were attacked, ultimately leading to a loss of power for hundreds of thousands of people in the middle of winter. Although most recovered their power within three hours, after-shocks continued for days with Power Company employees having to travel along ice-covered roads to remote sub-stations to manually close breakers the hackers had opened remotely. Most sinisterly, the attack was multi-pronged; opening of breakers was accompanied by spoofing of monitoring systems, a distributed telephonic denial of service attack on help lines, and destructive attacks against corporate systems, all designed to systematically prevent the Ukrainian authorities from resuming control.

    The Middle East is rapidly increasing its cyber security capabilities; however, it takes time to build mature processes and procedures, upgrade technology, collaborate on threat intelligence, and develop a workforce that can tackle the current and future cyber threats. We are starting to see cyber security policy, information sharing laws, education programmes, and cyber security technology companies focus on the region. There is an increased understanding of the cyber risks that face the region and investments to mitigate those risks.

    We believe that energy companies and governments need to adopt an outlook on cyber security in which they assume breach, and establish the necessary protocols and defences to such.

    We also believe that underpinning this outlook should be a commitment to a cyber security life-cycle, which is a four-stage approach encompassing planning, detection, protection, and recovery. 

    Energy companies need to focus on:

    How and why cyber security is at the forefront of national security
    Why having additional connectivity / IoT / smart cities exposes additional threat vectors
    How the current geo-political turmoil is intertwined with cyber

    tag

    Cyber Threats

    IoT

    Weekly Brief

    loading
    25 Most Promising Energy and Utility Solution Providers
    ON THE DECK

    Energy 2016

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Advancing Retail through E-Commerce, Cloud and Cyber security

    Advancing Retail through E-Commerce, Cloud and Cyber security

    John Gaspar Antonio, CIO/Vice President for Information Technology & E-Commerce / Data Protection Officer, Metro Retail Stores Group
    From Code To Impact: Leading Enterprise Ai With Purpose

    From Code To Impact: Leading Enterprise Ai With Purpose

    Jingting Cher, Deputy Director, Data Science, Sp Group
    Reimagining Pension Services Through Responsible Innovation

    Reimagining Pension Services Through Responsible Innovation

    Maz Mirza, Chief Digital Officer, KWAP Malaysia
    Maritime: Beyond Systems, Beyond Seas

    Maritime: Beyond Systems, Beyond Seas

    Ron Fong, Cio, Station Satcom
    Human-Centered Innovation in the GenAI Era

    Human-Centered Innovation in the GenAI Era

    CJ Meadows, Head of Innovation-Asia, Executive Education Designer, Professor & Head of Mbaconsulting, S P Jain School Of Global Management
    The Art and Science of Selling

    The Art and Science of Selling

    Scott White, Senior Manager Sales and Marketing Operations, Airbus
    Responsible Data Leadership in an AI-Driven World

    Responsible Data Leadership in an AI-Driven World

    Gemma Dias, Head of Data Governance, Tyro Payments
    Driving Guest-Centric IT Innovation in Integrated Resorts

    Driving Guest-Centric IT Innovation in Integrated Resorts

    Ching Yip, Vice President of Information Technology, Hoiana Resort & Golf
    Loading...
    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://energy.apacciooutlook.com/cxoinsights/cyber-threats-in-energy-companies-nwid-2870.html