18 Feb 2022 | 13:53 UTC

Cyberattacks on oil surge as hackers target commodities

Highlights

Oil Security Sentinel tracks 35 cybersecurity attacks on resources, energy since 2017

US most targeted by hackers with energy and resources cyberattacks

2021 a record year for physical security incidents targeting oil and energy

Cyberattacks on energy and commodities infrastructure are on the rise, with 35 major incidents recorded over the last five-year period, according to the latest update of the S&P Global Platts Oil Security Sentinel™ research project.

Oil assets and infrastructure emerged as the biggest targets for hackers and cyberattacks since 2017, accounting for a third of all incidents over the period. Electricity networks were the next most vulnerable, making up a quarter of all incidents, data collected by Platts showed.

Last year, incidents included a ransomware attack by hackers on Saudi Aramco, the world's largest single exporter of crude, which involved a data leak and an attempt to extort $50 million from the state-controlled oil producer.

Click here to explore the Oil Security Sentinel™

Cybersecurity has emerged as a major threat to commodities industries and markets over the last decade, with hackers seeking to steal data and paralyze the flow of resources. Last year, petroleum product prices in the US were hit when the Colonial Pipeline, which supplies around 45% of fuel to the East Coast, was hit by a ransomware attack.

Colonial stretches more than 5,500 miles from the Houston refining hub to New York Harbor and delivers more than 100 million gallons/day of fuel and heating oil.

Europe's oil products sector was hit earlier this month when a cyberattack targeted loading facilities in Germany and spread to key terminals in the Amsterdam-Rotterdam-Antwerp (ARA) network. A total of 17 terminals (11 in Germany and six in ARA) were affected, Platts reported Feb. 3.

Speaking at the Munich Cyber Security Conference Feb. 17, US Deputy Attorney General Lisa Monaco warned of "a pivot point in the cyber threat, a blended threat of nation-states and criminal gangs forming alliances of convenience and working together to exploit our own infrastructure against us."

US authorities eventually recovered $2.3 million in ransom money paid during the Colonial Pipeline incident, Monaco said.

Commodities, energy and resources assets in the US have been targeted more than any other nation, accounting for a third of all cyberattack since 2017, according to the updated Oil Security Sentinel. The UK and Saudi Arabia were the next most targeted countries, with four and three attacks verified by Platts news reports respectively.

In 2020, the London-based International Maritime Organization, which oversees shipping globally, suffered a major hack of its website. The IMO is responsible for setting maritime rules such as new legislation to reduce emissions and force shippers to use cleaner fuel.

Physical attacks

The latest update of the Oil Security Sentinel to be showcased at the S&P Global Platts London Energy Forum on Feb. 21 will also show a significant increase in physical attacks on oil, energy and commodities infrastructure in 2021. Last year saw 31 incidents out of a total of 71 physical attacks verified by Platts since 2017.

Oil producers in the Gulf emerged as the most vulnerable to attacks and security incidents targeting pipelines, refineries and shipping. This year, militants have extended their reach to launch drone attacks on fuel facilities in the UAE -- OPEC's third-largest producer -- for the first time.

These incidents mark an escalation in the scale of risk posed to energy infrastructure. Abu Dhabi, which is geographically separated from the conflict in Yemen by Saudi Arabia, was previously considered beyond the strategic range of militant airborne attacks.

Drones targeting energy infrastructure in the Middle East have statistically proved harder to intercept, according to the detailed Platts analysis of security incident reports.

The analysis of reported incidents also shows that 56% of attacks were intercepted before reaching their target. However, more than half of the reported incidents using unmanned drones hit their target, compared with a 92% interception rate for missiles directed at Saudi Arabia's energy infrastructure.