Page 44: of Offshore Engineer Magazine (Sep/Oct 2013)

43 45

Most rely on decades-old supervisory “the security systems for offshore oil 2012 Data Breach Investigations control and data acquisition (SCADA) platforms were not designed with Report. The report states, “Most vic- software, written in an era before security in mind. They simply had a tims fell prey because they were found security was even thought of, says layer of IP thrown over them like a to possess an (often easily) exploitable

HSEQ

Jeff Vail, a former counterterrorism blanket. They are legacy systems and weakness,” and 96% of the success- and intelligence analyst with the US are all over the place, and they remain ful breaches could have been avoided

Interior Department, in a news report. extremely vulnerable.” if the victim had put in place simple “It’s underappreciated how vulnerable The cost of making improvements or intermediate controls. In addition, some of these systems are,” he says. argues against industry making them. 85% of the penetrations took fve “It is possible, if you really understood “Ultimately, it is the wallet that pushes months to discover; the discovery in them, to cause catastrophic damage by the move to integration,” says Steve most cases made by a third party.

causing safety systems to fail.” Elliott, director of Triconex product IP makes up most of a company’s

A study of threats to oil and gas management for Invensys Operations value, but its accurate value is not companies by Rice University noted: Management. “If integration is cheaper, known until it is put on the market. It “Clearly by any means, the operator people will buy it.” usually takes time for a hacker to turn will be prepared to consent to any Ingenious attacks on offshore oil intellectual property thefts into a com- demands, however bizarre, in order installations can lead one to believe mercial product, but not always. China to avoid a catastrophic failure of the hackers are evil geniuses operating severely penetrated the design and the offshore asset which is usually a multi- with deft, breathtaking skill in outwit- avionics of the new US F-35 fghter, billion dollar investment. If the cyber ting company security procedures. The says Vince Cannistraro, former head criminal wishes to impose disastrous truth is extremely defating. In 2011 of CIA Counterterrorism. He says it is damage to the platform, this is a very and 2012, surveys showed more than abundantly clear some of the stolen US elaborate task requiring specialized 90% of successful penetrations of com- data is already seeing the light of day coding intended to fool the automatic pany networks required only the most on the latest Chinese fghter designs. shut-down mechanisms.” basic techniques. The sad fact is that losses from cyber

Another congressional source says, More worrying is the fact breaches intrusions can cost companies big “Security is not simply a matter of went undetected for weeks, sometimes money. When Saudi Aramco, Saudi funding or planning,” pointing out even years, according to the Verizon Arabia’s national oil and gas company,

Powerful jumper and umbilical monitoring

As subsea field umbilical arrays grow ever more complex then the integrity of the components becomes increasingly critical.

C-Kore is designed to provide assurance to field installation engineers that their umbilical systems will meet the client requirements by checking electrical integrity immediately prior to connector make-up.

For further information visit our website or call our sales team on 01653 602020

Tel: +44 (0) 1653 602020 | Email: [email protected] | Web: www.zetechtics.com

Zetechtics Ltd

OE | September 2013 oedigital.com 46 044_OE0913_HSEQ_4_AdvPerThreat.indd 46 8/18/13 12:14 PM