Colonial Pipeline hack spurred copycat attacks on other oil and gas companies

New research reveals 29% increase in attacks on IT systems and perimeter defenses

Attacks on the oil and gas industry have increased over the last quarter with the Colonial Pipeline ransomware incident being a key driver.

According to a new report by Obrela Security Industries, the oil and gas sector was one of the only industries to experience a consistent increase in attacks on its systems. In contrast, many other industries saw fewer from April through June 2021. 

The industry saw an 18% increase in attacks on its users and endpoints, a 22% increase in attacks on its cloud environments, and a 12% increase in attacks on its IT infrastructure. There was also a 29% increase in attacks on its system and perimeter defenses, a 14% increase in web attacks, and a 22% increase in APT and malware attacks.

“The data highlights that as the world watched Colonial Pipeline fall to its knees at the hands of ransomware, attacks on the whole oil and gas sector were heating up as cyber criminals across the globe tried to cash in on other pipelines,” said George Papamargaritis, operations officer at Obrela Security Industries.

The latest victim is Saudi Aramco, the world’s most valuable oil producer. Hackers demanded a $50 million ransom following a data leak on the dark web. This reinforced the report’s findings that attacks on oil and gas are rising and the industry should brace itself and expect attacks to worsen as cyber criminals test the industry’s defenses. 

Related Resource

How to reduce the risk of phishing and ransomware

Top security concerns and tips for mitigation

Large letter 'O' against a background of a city - whitepaper from MimecastFree download

Papamargaritis added that despite President Biden’s warning that critical national infrastructure should be off-limits to attacks, the oil and gas sector has been a prime target for cyber criminals. He noted the attack on Colonial Pipeline likely prompted this.

“When Colonial Pipeline publicly admitted to paying the ransom, attackers gained intelligence around how a successful attack on the sector is almost guaranteed to amount in a pay-out. The sector is at a greater risk than ever before and addressing security risks and hardening systems must be the number one priority,” he said.

The report also found the health care sector experienced a 71% increase in attacks on internet of things (IoT) devices. However, there was a 58% decrease in attacks on banking and finance users and endpoints in the same quarter. There was also a 66% decrease in attacks on banking and finance IT infrastructure.

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Russia's "politically motivated" REvil raid could be used as leverage, experts warn
ransomware

Russia's "politically motivated" REvil raid could be used as leverage, experts warn

17 Jan 2022
Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp
phishing

Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp

21 Dec 2021
Five things to consider before choosing an MFA solution
Security

Five things to consider before choosing an MFA solution

17 Dec 2021
Australia and US sign CLOUD Act data-sharing deal to support criminal investigations
cyber crime

Australia and US sign CLOUD Act data-sharing deal to support criminal investigations

16 Dec 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022