It shouldn’t come as a huge surprise – after all, anything that uses networked computing is at risk without the proper precautions – but independent researchers have declared oil rigs to be extremely vulnerable to hacking attempts.
While oil companies have made huge improvements in offshore safety and environmental protection, their efforts to secure important data have been poor, the SINTEF team says.
The group says that the current “integrated operations” model, which uses onshore workers to control processes carried out on the platform via networked PCs, leaves communications open to attack.
According to Science Daily, the team interviewed “key personnel in the petroleum sector” to get a sense of the data protection measures currently in place. The interviewees confirmed “that the number of safety incidents on production systems (platforms) has risen during past few years.”
Researchers said that hackers have already made their presence felt on oil platforms.
“The worst-case scenario, of course, is that a hacker will break in and take over control of the whole platform,” says SINTEF scientist, Martin Gilje Jaatun. “Luckily, this has not happened yet, but we have heard of a number of incidents that could have turned into something quite dramatic. For example, virus attacks have led to process electronic equipment becoming unstable.“
Frankly I’m surprised there haven’t been any major incidents so far, but it’s safe to assume that the inevitable resurgence of oil prices (not to mention the increasingly politicised nature of the fossil fuel industry) will make unmanned rigs into highly appealing target for hackers interested in protest or profit. [image by ccgd]
In fact, the profit motive is probably the stronger of the two… profit, or the prospect of free fuel. Any terrorist group or pirate nation looking for a ready source of the black gold would find it easy enough to hire some disaffected code-kiddie, then pay (or threaten) them enough to get them to bypass the security on an unmanned rig and then fiddle the telemetry for long enough to allow a physical invasion of the platform. Hey presto – a big base in offshore waters with all the oil you could ask for, and a target that even a major government is going to think twice about simply bombing to smithereens…