It’s not a secret that DDoS attacks are becoming more prominent in 2021. Stormwall’s data shows a 25.4% surge in DDoS attack frequency compared to Q4 2020. As usual, the most threatened industries are entertainment, telecommunication, online retail, finance, and others. However, there is one seemingly unlikely market, that is becoming the new DDoS hotspot — the oil and gas industry.
Being fundamental resources, natural fossil fuels have long attracted cybercriminals, and even politically motivated cyberattacks. For example, an attack on the US gas and oil sector that took place in May 2021 caused Colonial Pipeline, one of the largest American fuel operators, to shut down its entire network — the sole source of all of the U.S. East Coast’s fuel supply. Admittedly, this attack leveraged ransomware rather than DDoS. Still, it became one of the most expensive ransomware attacks on the economy of any country, increasing gas prices across the whole of the US.
Fuel infrastructure is transforming to be increasingly decentralized, incentivizing growth and reducing emissions. As a sector that is actively undergoing digitization, network-reliant systems are often introduced without proper attention to security concerns. An abundance of IoT devices and smart sensors used across pipes and facilities create an easy target for DDoS actors.
Worse yet, the oil and gas industry has limited reporting requirements and while we know that the attacks on the sector — both by nation-state political actors and for-profit criminals — are frequent, the exact scale of the threat is hard to assess. Researchers estimate the volume to reach hundreds of thousands of malware attacks per month, but with many instances remaining private, it’s hard to tell for sure.
While DDoS attacks are costly for all industries, this is especially true for the oil and gas market. Responders from one research revealed that one day of downtime costs an average of 8 million US dollars. A powerful denial of service attack can easily take down systems for more than a day. Especially considering that one-third of responders to the same survey conveyed that they view their cybersecurity readiness as “inadequate” or “somewhat adequate”.
One-third of responders further added that they view their sector as “underprepared” to defend against the attacks. The least confident were the responders from Saudi Arabia, with 90% viewing their current state of cybersecurity as lacking.
Often called the most important oil-producing country in the world, Saudi Arabia generated roughly 11.8 million barrels of oil daily in 2019. That is about 11% of the oil produced worldwide. Imagine what would happen if Saudi’s oil industry was entirely paralyzed due to DDoS?
A terabit-level attack could potentially halt oil production for weeks, creating a worldwide shift in gas prices, destabilizing certain currencies, and damaging the global economy.
Hopefully, the may 2021 attack on the US oil sector will act as a wake-up call. With many cyberattacks carried out by well-funded, highly equipped criminals with a political goal or as part of a corporate espionage campaign, DDoS will hit the oil and gas industry especially hard. In their current state, many facilities have no chance to mitigate an attack on their own.
However, a responsible approach to cybersecurity will help to mitigate the risks. Businesses in the industry should start by actively participating in sharing their attack data, to help security experts develop countermeasures. Additionally, an online cybersecurity solution, like the one offered by StormWall, can help reliably guard the company’s networks — in the oil and gas industry or not — against powerful DDoS attacks. Find out more about StormWall DDoS protection.