Digitalisation and remote monitoring have been hailed as the next big thing in the offshore oil and gas industry, but these advances in technology have led to offshore drilling rigs being more vulnerable to cyber attacks, which could lead to serious safety incidents, according to a new report.
Offshore Mag reports that US cybersecurity firm Naval Dome has recently completed a project to identify and mitigate the cybersecurity risks that are common to offshore deepwater drilling platforms.
The two-year investigation revealed that the minimum industry guidelines, regulations, and security methods have not kept pace with current platform technology, connectivity requirements, and cyber-attack tactics.
Adam Rizika, Head of Strategy, Naval Dome, said: “Where systems installed on offshore platforms had traditionally been isolated and unconnected, limiting cyber hack success, the increase in remote monitoring and autonomous control, IoT and digitalisation has made rigs much more susceptible to attack.”
He explained how the test rigs’ operational technology networks had been breached using a software installation file for dynamic positioning (DP), which automatically maintains a vessel’s position, and workstation charts.
Naval Dome simulated an OEM (original equipment manufacturer) service technician unwittingly using a USB stick with malicious software containing three zero-day exploits.
According to Kaspersky, ‘Zero-day’ is a term used to describe newly found security flaws that hackers can exploit to attack systems before developers have a chance to address the flaw. Developers have ‘zero days’ to fix the exploit.
Rizika described how the cyber attack was launched on an offshore rig with just a USB stick containing malicious software: “The modified file was packaged in a way that looked and acted like the original one and passed anti-virus scanning without being identified as a cyberattack or picked up by the installed cyber network traffic monitoring system.”
While the attack was carried out internally under test conditions, Rizika said that remote execution was feasible using the rig’s externally facing network connections.
The penetration testing confirmed that a targeted cyberattack on an offshore rig could result in a serious safety incident, with associated financial and reputational impacts.
According to Naval Dome, the tests have confirmed that traditional, ‘perimeter type’ IT cybersecurity solutions, such as anti-virus, network monitoring, and firewalls, are not enough to protect critical safety and processing equipment from attack, leaving rigs vulnerable.
Rizika reported that it is ‘abundantly clear’ that more advanced and purpose-built solutions are required to ensure that offshore platforms are better protected from exposure to both external and internal cyberattacks, whether targeted or otherwise.
The investigation found a shortage of staff skilled in the operational technology (OT) cyber domain, regulation and controls that are slow to evolve and be implemented, an IT-centric approach being applied to an OT environment, and a mismatch between drilling rig systems and equipment and their supporting software.
Findings from the two-year project resulted in the oil major working with Naval Dome to install the security firm’s cyber defence system aboard drilling rigs in the Gulf of Mexico.