Offshore Drilling Rigs Vulnerable To Cyber Attacks

BY Ray Stevens / ON Aug 25, 2021

Digitalisation and remote monitoring have been hailed as the next big thing in the offshore oil and gas industry, but these advances in technology have led to offshore drilling rigs being more vulnerable to cyber attacks, which could lead to serious safety incidents, according to a new report.

Offshore Mag reports that US cybersecurity firm Naval Dome recently completed a project to identify and mitigate cybersecurity risks that are common to offshore deepwater drilling platforms.

The two-year investigation revealed that minimum industry guidelines, regulations, and security methods are out of pace with current platform technology, connectivity requirements, and cyber-attack tactics.

Adam Rizika, Head of Strategy at Naval Dome, said: “Where systems installed on offshore platforms had traditionally been isolated and unconnected - limiting cyber hack success, the increase in remote monitoring and autonomous control, IoT and digitalisation have made rigs much more susceptible to attack.”

Pentesting an oil rig

During the pentest, a rigs’ operation technology network had been breached via a software installation file for dynamic positioning (DP), a programme that automatically maintains a vessel’s position and workstation charts.

Naval Dome simulated the instance that an OEM (original equipment manufacturer) service technician was unwittingly using a USB stick containing malicious software: three zero-day exploits.

What is a zero-day exploit?

Kaspersky defines ‘Zero-day’ as a newly found security flaw that hackers can exploit to attack systems, before developers have a chance to fix the flaw.

Attacking an oil rig via USB

Rizika described how the cyber attack was launched on an offshore rig with just a USB stick containing malicious software: “The modified file was packaged in a way that looked and acted like the original one; and passed anti-virus scanning without being identified as a cyberattack, or picked up by the installed cyber network traffic monitoring system.”

While the attack was carried out internally under test conditions, Rizika said that remote execution was feasible using the rig’s externally facing network connections.

The penetration testing confirmed how a targeted cyberattack on an offshore rig could result in a serious safety incident, not to mention the resulting financial and reputational concerns.

According to Naval Dome, the tests have confirmed that traditional, ‘perimeter type’ IT cybersecurity solutions (such as anti-virus, network monitoring, and firewalls) are not enough to protect critical safety and processing equipment from attack, leaving rigs vulnerable.

Rizika reported that it is ‘abundantly clear’ that purpose-built advanced solutions are required to ensure offshore platforms are better protected from both external and internal cyberattacks, whether targeted or otherwise.

The investigation found a shortage of skilled staff in the operational technology (OT) domain. Regulation and controls are slow to be implemented and evolve, with an IT-centric approach being applied to an OT environment. The investigation deduced that there was a mismatch between drilling rig systems and equipment, and their supporting software.

Findings from the two-year project resulted in the oil major working with Naval Dome to install the security firm’s cyber defence system aboard drilling rigs in the Gulf of Mexico.

How can oil rigs improve their security with pentesting?

Pentesting is the best way to know for sure if an organisation could be an easy target for a hacker. Crucially, a pentest shows you both how strong your defences are, but also what the potential consequences could be if an attacker really got into your network.

With critical infrastructure such as an oil rig, the potential consequences can be pretty devastating - fuel shortages and national security threats (as in the case of the Colonial Oil pipeline hack from 2021).

Improve your security with regular pentesting to ensure you’re on top of any patches, misconfigurations or other low-hanging fruit hackers love.

If you’re looking for penetration testing experts, talk to us today or get a quote today in less than 60 seconds!.