Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Computing / Hackers Drawn to Energy Sector
Security Fail: Hackers Drawn to Energy Sector's Lack of Controls
Security Fail: Hackers Drawn to Energy Sector's Lack of Controls
Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Oil and gas companies, including some of the most celebrated industry names in the Houston area, are facing increasingly sophisticated hackers seeking to steal trade secrets and disrupt operations, according to a newspaper investigation.

A stretch of the Gulf Coast near Houston features one of the largest concentrations of refineries, pipelines and chemical plants in the country, and cybersecurity experts say it's an alluring target for espionage and other cyberattacks.

"There are actors that are scanning for these vulnerable systems and taking advantage of those weaknesses when they find them," said Marty Edwards, director of U.S. Homeland Security's Cyber Emergency Response Team for industrial systems.

Homeland Security, which is responsible for protecting the nation from cybercrime, received reports of some 350 incidents at energy companies from 2011 to 2015, an investigation by the Houston Chronicle has found. Over that period, the agency found nearly 900 security flaws within U.S. energy companies, more than any other industry.

Steps are being taken to thwart attacks. For instance, the Coast Guard in a joint operation with Houston police patrolled the waters southeast of Houston last year conducting sweeps for unprotected wireless signals that hackers could use to gain access to facilities. The operation was one of the first of its kind in the U.S. concentrating on cyberattacks by sea.

But the vast network of oil and gas operations makes it difficult to secure. Thousands of interconnected sensors and controls that run oil and gas facilities remain rife with weak spots.

Many companies lack the technology and personnel to detect hackers. Equipment was designed decades ago without security features, and efforts over the years to link computer networks to devices that monitor pressure or control valves have exposed operations to online threats.

"You could mess with a refinery or cause a vessel to explode," Richard Garcia, a former FBI agent who became a cybersecurity specialist, told the Chronicle.

Power, chemical and nuclear facilities must adhere to strict cybersecurity measures, but federal law doesn't impose such standards on the oil and gas sector. And when oil and gas companies have been infiltrated by a hacker, they're not required to report the incident.

More than 20 of the nation's largest oil companies -- including Exxon Mobil Corp. and ConocoPhillips, refiner Phillips 66 and pipeline operator Kinder Morgan -- declined to comment or did not respond to multiple requests for comment. The American Petroleum Institute, the national trade association for oil and gas, also declined to comment.

Charles McConnell, executive director of Rice University's Energy and Environment Initiative, said oil companies tend to rush to deploy new computer technologies that make operations more productive, but only afterward considering ways to defuse online threats.

"The pace of change of the technology we've adopted is every step of the way more and more vulnerable to cyberattack," McConnell said.

© 2017 Associated Press under contract with NewsEdge/Acquire Media. All rights reserved.
Tell Us What You Think


Posted: 2017-03-11 @ 3:14am PT
Are you kidding? Our mighty Coast Guard is checking
"security" by scanning for unsecured Wifi??? Perhaps they are looking for signs that say "Steal Me!", too.

Like Us on FacebookFollow Us on Twitter

© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.