In the rapidly advancing digital age, the oil and gas sector finds itself at the forefront of cybersecurity challenges. As the dependence on technology grows, so does the risk of cyberthreats targeting critical infrastructure. The oil and gas industry relies heavily on complex digital systems for operations, control and monitoring. These systems, while enhancing efficiency, also expose the industry to cyberthreats such as cyber espionage, ransomware attacks and data breaches, posing significant risks to not only financial stability but also public safety and environmental integrity. Against this backdrop, initiatives undertaken by oil and gas industry players to fortify their cybersecurity defences stand out. From implementing robust endpoint protection to embracing advanced technologies such as cloud computing and internet of things (IoT), companies are navigating a complex landscape with strategic resilience. Additionally, initiatives undertaken by industry players showcase the proactive measures being implemented to mitigate these threats. Despite these efforts, the immediate need for enhanced cybersecurity standards and risk management strategies remains paramount.
Rising cyberthreats
In the digital age, data breaches are on the rise, marked by unauthorised access to confidential information. While “data breach” and “cyberattack” are terms used interchangeably, not every breach is an attack, as breaches specifically compromise information confidentiality. As per IBM’s “Cost of a Data Breach 2022” report, organisations incur an average cost of around $4.35 million due to data breaches. The report also highlighted that a significant 83 per cent of companies have encountered more than one instance of a data breach. Often, the oil and gas sector uses industrial control systems and supervisory control and data acquisition systems to monitor and control physical processes. During a notable surge of cyberattacks from October 2021 to April 2022 in the Indian Petroleum Refinery sector, Critical Information Infrastructure threat intelligence sensors detected 0.36 million attacks, as reported by the Cyber Peace Foundation.
Cyber espionage represents a notable cybersecurity threat. It exposes the oil and gas industry’s critical infrastructure to vulnerabilities that may result in severe consequences, including data theft, financial losses and even potential physical damage. Ransomware has emerged as a prominent cyber-risk. There has been an increase of about 93 per cent in ransomware attacks since 2020, as per Deloitte. In May 2021, the Colonial Pipeline in the US fell victim to a ransomware attack which led to considerable disruption in the supply of gasoline, diesel, home-heating oil, jet fuel and military supplies in some parts of the country. Similarly, in April 2022, Oil India Limited’s field headquarters in Duliajan, Assam, experienced a ransomware attack, leading to a lockdown of computer systems. Moreover, phishing attacks are a common cybersecurity risk for the sector.
Cyberattacks can also endanger employees and the environment, because hackers can take control of critical systems such as pipelines and drilling equipment. A cybersecurity breach has the potential to inflict reputational harm, particularly when it results in a system hack. This also directly impacts logistics and supply chain operations, causing delays in deliveries and a loss of control in monitoring tanker trucks, pipelines and overall supplies.
Initiatives taken by oil and gas players to combat the issue
Cybersecurity initiatives in the oil and gas sector are crucial to safeguard critical infrastructure and operations. The industry is witnessing an increased integration of information technology (IT) and operational technology (OT) systems due to growing business requirements. Simultaneously, as businesses adopt different investment models such as capital expenditure or as-a-service, they create a complex environment that needs to be safeguarded. Effectively managing this complexity requires operational models that can support both in-house and outsourced cybersecurity functions.
Oil and gas companies can enhance their cybersecurity systems by implementing various measures to protect their digital assets and critical infrastructure. Firstly, prioritising endpoint protection is crucial. This involves the deployment of antivirus software, firewalls and intrusion detection systems to shield endpoints from potential cyberthreats. Another essential measure is the implementation of network segmentation, that is, effectively dividing a company’s network into isolated segments to thwart lateral movement by attackers. Embracing cloud computing can also help businesses improve their cybersecurity posture by leveraging cloud providers’ security expertise. The integration of industrial IoT (IIoT) devices in the industry enhances operational efficiency but also brings forth new cybersecurity challenges. It is thus essential to navigate the adoption of IoT cautiously, implementing measures to address potential risks and vulnerabilities associated with these interconnected devices.
By holistically considering these measures, businesses can fortify their cybersecurity resilience against a dynamic and evolving threat landscape. For instance, Mahanagar Gas Limited (MGL) has deployed a robust five-layer security system. The first layer is a comprehensive firewall managing hardware and policies. The second layer involves a network intrusion prevention system using artificial intelligence and signature-based detection. For internet-facing servers, a demilitarised zone is utilised, while sensitive servers benefit from deep security measures. E mail security is bolstered with advanced threat protection and domain-based message authentication, reporting and conformance. The final layer is endpoint security, incorporating threat intelligence exchange (TIE) for global signature verification and advanced threat detection for inconclusive cases identified by TIE. This multi layered approach ensures a proactive and adaptive security posture for MGL. Indian Oil Corporation Limited (IOCL) has also taken significant measures to ensure the security of sensitive data. Notably, the company has implemented a robust defence-in-depth cybersecurity architecture, complemented by a comprehensive data privacy policy. Furthermore, IOCL has obtained ISO 27001:2013 certification for all its data centres, reinforcing its dedication to maintaining a secure digital environment.
Cyber insurance 
Cyber insurance plays a pivotal role in modern risk management for businesses, offering financial protection against cyberthreats. Thus, by mitigating the financial impact of such breaches, cyber insurance becomes an essential safeguard for companies operating in today’s digitally driven landscape. In the oil and gas sector, where the interconnected nature of supply chains increases the risk of third-party breaches, this coverage protects against potential legal ramifications. According to a market report by Deloitte, the current valuation of India’s cyber insurance market stands between $50 million-$60 million and is anticipated to experience significant growth, with a projected compound annual growth rate ranging from 27-30 per cent over the next three to five years. Indian oil and gas companies such as IOCL and the Oil and Natural Gas Corporation (ONGC) are increasingly recognising the importance of cyber insurance to protect against cyberthreats. By investing in comprehensive cyber insurance coverage, these companies can enhance their resilience against cyber incidents and ensure business continuity amidst the evolving digital landscape. With the evolving threat landscape, it is imperative for these companies to stay ahead with cybersecurity measures, making cyber insurance an integral part of their risk management strategy.
Immediate need for better cybersecurity
The oil and gas industry faces substantial challenges due to its reliance on interconnected IT/OT systems. It is imperative to tackle these challenges and strengthen cybersecurity in order to safeguard critical infrastructure, protect intellectual property, ensure safety and maintain operational continuity. Further, it remains crucial to implement comprehensive risk management strategies, minimise the excessive number of alert notifications and alarms, and adopt best industry practices. Meeting and strengthening cybersecurity standards in the oil and gas sector is essential for mitigating the ever-evolving threats and maintaining a resilient digital defence.