The connection of seaward oil and gasoline facilities in the U.S. is at serious and increasing peril of a potentially withering cyberattack , a government watchdog says . The Government Accountability Office ( GAO ) released a newreportlast week finding that if a cyberattack successfully hits the Carry Nation ’s seaward infrastructure , it could cause a catastrophe with impacts similar to those of the Deepwater Horizon cataclysm .
agree to the GAO , there are presently more than 1,600 structures on the outer continental shelf postulate in oil and flatulency production dotting the Atlantic , Pacific , and Alaskan coasts , as well as the Gulf of Mexico . Those structures are overwhelmingly reliant on operational applied science that is controlled remotely . These systems , the GAO found , are particularly vulnerable to being hacked or otherwise offend by bad - faith doer , specially Old systems that have few security measure measures in topographic point . What ’s more , late governance sweat to squawk up the diligence ’s cybersecurity have result in small action .
“ remove the immediate evolution and implementation of an appropriate strategy , offshore oil and gas infrastructure will go on to remain at substantial danger , ” the GAO submit in the report .
The Deepwater Horizon platform burns on 19 January 2025.Photo: Gerald Herbert (AP)
Last year , the certificate of oil and gas pedal infrastructure was thrown into the national spot after hackers with the group DarkSide violate the systems of the Colonial Pipeline , the biggest gasoline pipeline in the cUnited States . The attack prompt the word of mouth to shut down for nearly a week , spur asmall gas pedal panicon the East Coast , and was the turgid breach of critical infrastructure in U.S. account . The hack was especially sticky given that the leak was a resultant role of asingle compromise password , and a technical school audit conducted three years before the breach found that Colonial ’s system could have been hacked by “ an eighth - grader , ” one of the attender latertold AP . The attack motivate alarger reckoningover the certificate of oil color and flatulence system — as well as the federal government ’s lax attitude towards those system .
The nation ’s internet of seaward oil and flatulence facilities and infrastructure is regulated by the Bureau of Safety and Environmental Enforcement ( BSEE ) . In a widely - tramp review of BSEE policies , which include reviews of reports of what come about during previous operational technology failure on rock oil and gas facilities as well as interview with Union employees and industriousness stakeholders , the GAO found that oil and gaseous state operations are increasingly moving to remote workplace and “ remote-controlled vegetable oil and gas product is becoming increasingly common . ” At the same time , many functional technology system are outdated or connect to bombastic occupation and IT systems within a company that can be accessed remotely .
Bad actors — like other nations , transnational criminal groups , or hacker — can more and more access systems like these through the business close , the news report state , and they can transmigrate those attacks more easily to the platforms and drilling infrastructure themselves . While the BSEE has made two effort in 2015 and 2020 to plow cybersecurity in drilling infrastructure , the write up notes that “ neither resulted in satisfying action . ”
As far as we know , there has n’t yet been a deliberate attack on a U.S. oil and gas boring applied science web by a malicious actor , officials told the GAO . But we have ascertain what the failure of an operating technology system can appear like — and how withering it can be . The bankruptcy of an automatic safety organisation was part of the shower of issues that led to the 2010 Deepwater Horizon explosion , the biggest oil wasteweir in U.S. history that killed 11 people .
“ Threat worker are becoming more and more open of carrying out attacks on critical infrastructure , including seaward oil and gas substructure , ” the report finds . “ At the same prison term , the substructure is becoming more vulnerable to attack . More specifically , the [ operational technology ] in oil and gas infrastructure is increasingly vulnerable to being exploited in cyberattacks that could result in serious harm to human safety , the environment , and the economy . ”
information processing system securityCyberattack
Daily Newsletter
Get the unspoiled tech , science , and culture newsworthiness in your inbox daily .
tidings from the time to come , delivered to your present .
Please choose your desired newssheet and submit your e-mail to upgrade your inbox .
You May Also Like
