US Energy Department launches project to protect oil & gas industry from cyber attacks
|Photo courtesy: Purestock/Thinkstock|
The U.S. Energy Department has formed a partnership with industry experts, the Department of Homeland Security and other stakeholders to jointly launch a tool that will facilitate cyber attack protection for the oil and gas sector, which will enable operators to evaluate and prioritize their security strategies so that they can effectively detect and counter cyber crime.
The project will start with a number of meetings over the next few months, held by the Energy Department, where all parties will provide input on making a draft Oil and Natural Gas Cybersecurity Capability Maturity Model (ONG-C2M2). Once the model has been developed, more than a dozen volunteering operators and owners of oil and gas companies will implement the tool as a pilot, which will be looking to assess its performance and its reliability. Results will be analyzed and the tool will be updated before being released to the industry, Energy Live News website reported.
According to Energy Secretary Ernest Moniz, the oil and gas industry has become a major target for hackers and its ability to effectively prevent attacks is essential for the development of the sector. Cyber attacks are a risk to the industry but at the same time their increasing rate of frequency and sophistication help businesses see their weaknesses and improve their protection and security, he added.
RELATED: North American energy industry faces cyber attacks
The project builds on the successful implementation of a similar project in the electricity sector, Moniz explained. If it succeeds in the oil and gas industry, the U.S. energy sector will be one step closer to the Department's goal to provide a reliable and resilient delivery systems that can easily survive hackers' attacks without serious consequences.
Meanwhile, a recent report from the Department of Homeland Security revealed that the oil and gas sector was targeted by cyber criminals more than any other industry in the United States. Over the six months leading to May 2013 there were 111 cyber incidents reported by the energy sector, accounting for 53% of all cyber attacks reported to the Industrial Control Systems -- Cyber Emergency Response Team, up from 81 incidents reported in same period last year. Some of the incidents included various industrial control systems of gas compression stations located in the Midwest, the report showed.
The Homeland Security report notes that businesses should not only focus on prevention but should also consider improving detection options and response. It states that there are two main areas that the industry needs to work on: response capabilities to mitigate the effect of a cyber attack and data recovery capabilities that would protect businesses from excessive damage and would enable them to function normally.