Page 24: of Offshore Engineer Magazine (Jan/Feb 2013)
Read this page in Pdf, Flash or Html5 edition of Jan/Feb 2013 Offshore Engineer Magazine
Lewis says ‘thousands of at Shell, Europe’s largest in Iran’s Natanz facility, version was launched. places around the world oil company, says: ‘We see shows the potential The second version had a were infected but only one an increasing number of devastation of a worm different trigger.
was damaged’, the Iranian attacks on our IT systems created to cause damage. Chevron was one of facility at Natanz. and information, and Experts say this kind of the ? rst oil companies to ‘Stuxnet is an there are various attack could occur on oil fall victim to the Stuxnet
Perspectives interesting weapons motivations behind it: producing offshore rigs. virus. design. You need to criminal and commercial,’ Riemer Brower, head of Blair Nicholas, of the law introduce the virus and perhaps focusing on IT security at Abu Dhabi ? rm Bernstein Litowitz then you need to trigger research and development Company for Onshore Oil Berger & Grossman, based it. It only works against to gain a competitive Operations, says the oil in San Diego, says: ‘To the a speci? c con? guration,’ advantage. industry has avoided any extent that there aren’t explains Lewis. The damaging incidents so adequate procedures
Sophisticated hackers in place to protect the
Cyber war experts like
James Lewis, of the
Center for International & Strategic Studies (CSIS), are aware that most industries operate on computers vulnerable to attack.
Hackers are increasing in number, becoming more knowledgeable and skilled, and making more daring attacks on systems. ‘The Chinese have been very successful,’ Lewis says.
Oil companies are warning that the worst-case scenario would companies’ crown jewels be one in which valves ? rst stage of the virus and somebody gets the key were accessed, which far, but he warns ‘the oil used a ‘beacon’ that to the jewelry box, there could set offshore rigs on companies in charge are no performed surveillance is certainly potential for ? re, kill personnel and longer really in control’. of the target, mapping shareholder derivative halt production. The cost an electrical blueprint of liability.’ of downtime on a typical Chevron victimized Iran’s centrifuges. The Besides Chevron, no offshore rig is California-based oil giant second stage, a trigger, other corporate victims $6.3 million/day, say Chevron has con? rmed its took advantage of a series have disclosed attacks in experts. The ? nancial loss computer systems were of ‘zero-day exploits’ that ? lings with regulators.
could be huge. could be huge. infected with Stuxnet. ended up causing physical Some companies have Stuxnet, which crippled Stuxnet, which crippled Chevron spokesman damage. The virus was already been victims of the nuclear centrifuges the nuclear centrifuges Morgan Crinklaw says the only con? gured for Chinese-backed industrial company was protected Iranian nuclear facilities. espionage assaults like from major damage to Apparently, it wasn’t Night Dragon that have its network, adding the designed to spread. cost them billions of
Expert AccessExpert AccessExpert Access company makes ‘every But it did. dollars in plans and
Join Gregory Hale and Join Gregory Hale and effort to protect our data Researchers at Symantec intellectual property,
Eric Byres on 29 January at 11.00AM CST for a Live systems from those types and Kaspersky Labs stated sources say, and some
Presentation and Q&A session of threats’. Stuxnet had two versions. of the attacks remained on how compaies should be According to US The ? rst, launched in undetected for years. reassessing their security of? cials, any industrial 2010, had a 21-day period In the Night Dragon concerns to protect their data component is liable after which the virus attack, Exxon Mobil, Royal assets. See page 78 for more to be targeted by such would be null and void. Dutch Shell, BP, Marathon information.
sophisticated attacks. Shortly thereafter, a second Oil, ConocoPhillips
OE | January 2013 26 oedigital.com oe_analysis.indd 26 03/01/2013 13:25