Jordan Oil Sector and Cyber Attacks.pptx (original) (raw)

Cyber attacks in oil and gas Industry

Cyber Attacks in oil and gas , 2021

The oil and gas industry has suffered quite representative cyber attacks in this decade, mainly with reference to Information Technology and Operational Technology.

A New Kind of Information Warfare? Cyber-conflict and the Gulf crisis 2010–2017

The Political Economy of Communication, 2018

This article analyses the current Gulf crisis that started in May 2017 by posing the following question. Did an information war unfold or did the crisis events that took place merely illustrate yet another round of propaganda and disinformation contests among Gulf participants and their backers? Accordingly, I will focus on five central themes. First, the theoretical underpinning and key concepts concerning Information Warfare (and related notions like Hacktivism and Cyber War) will be discussed in relation to information space and the media sphere. The second theme explores the historical, strategic, and geopolitical dynamics that led to the crisis and looks closely at the rivalries taking place in the region, with a particular focus on the proxy war between Iran and Saudi Arabia. Against a backdrop of geopolitical tensions and cyber threats, the third theme reviews some of the most notorious cyber attacks that occurred in the Gulf region up until the Trump Presidency. The fourth theme sheds some light on recent manifestations of the Gulf crisis and the anti-Qatar coalition’s modus operandi. Fifthly, Qatar’s response to the crisis will be reviewed and evaluated.

Robert Kosova, Irakli Prifti, Teuta Thanasi, Elda Cina - Digital oilfield and the cyber risks in the everyday work. Managing oilfield data in a more unsecure world.

Industrial organizations operating in the oil and gas sector face greatest challenges today including the pressing need to find and exploit new energy supplies, greater regulatory pressures, new work requirements and the demands of a growing data management. At the same time, oil companies face a serious and growing risk from cyber-attacks, malicious software, and other threats against their IT infrastructure, scientific and production data and intellectual property. Extracting value from the computers or networks of unsuspecting oil companies and government agencies has become a big business and a very profitable one. No oil company or agency can ignore network security today; it is the source of systematic risk that threatens long-term health, stability and profitability of any oil company. Cyber security is and must be part of any corporate strategy for managing risk and compliance. Cyber security risk management is becoming a high-level responsibility for any board of executives and one of the most difficult tasks to deal with. From the history of hacking and cyber attacking there are plenty of conclusions and results such as: It is not difficult at all to hack data from a oil company. More than 90% of successful breaches required only the most basic techniques to do. Only 3% of breaches were impossible or unavoidable without difficult or expensive actions. Outsiders were responsible for most network breaches. 85% of breaches took a lot of time to be discovered; the average time for discovering one is five to six months. 96% of successful breaches could have been avoided or prevented if the victim (oil company) had put in place simple or intermediate controls.

An Argument for Cybersecurity in Saudi Arabia

Land Forces Academy Review, 2022

In this paper, the researcher briefly discusses the attacks that have occurred recently within Saudi Arabia to entities such as Saudi Aramco to the Ministry of Health. These attacks are aggressions against government institutions that can render a sector vulnerable. Observing the ongoing attacks on critical infrastructure in Ukraine one can see a replication of similar attacks that could occur and spread over the Middle East. As this nation is a politically turbulent region, there is no small number of external threats. To combat these evolving threats, a shift towards cyber readiness must occur. This includes new laws, security-hardened technologies, and education for people living in the kingdom.

Cyber Attacks and Impacts: A Case Study in Saudi Arabia

With the development of technology, modern computer-assisted and Internet crimes have been increasing all this while, and there is a need to further investigate the current status of cybercrime and computer forensics in the region. Saudi Arabia is one of the fastest growing countries in the Middle East in terms of communications technologies such as the Internet and mobile phones. In this paper we explore cybercrime challenges in the Middle East using Saudi Arabia as a case study. In particular, we examine the impact of the use of Internet and cybercrime on adolescents in Saudi Arabia.

Oil and Terrorism: Al Qaeda's Threat

This Technical Memorandum discusses the nature and extent of the terrorist threat against the petroleum industry. It specifically focuses on al Qaeda’s efforts and stated intent to strike at energy infrastructure in the Middle East and in other parts of the world, including Canada, Mexico, and Venezuela. Additionally, it highlights economic costs of petro-terrorism and vulnerabilities to oil infrastructure, and suggests possible options for governments and industry to reduce the risks posed by terrorists.

Cyber-Attacks on the Oil Gas Sector: A Survey on Incident Assessment and Attack Patterns

IEEE Access

During the past two decades, oil and gas operational and information technology systems have experienced constant digital growth, closely followed by an increasing number of cyber-attacks on the newly interconnected systems. Adversaries exploit vulnerable accessible device or malware attacks networked services, in an attempt to gain access to critical systems and machinery that are interconnected over networks. Given the importance of the oil and gas sector on the global economy and the diversity of critical systems often being controlled over remote locations, it is highly important to understand and mitigate such attacks. In this paper, we survey cyber-attacks on all three domains of the oil and gas sector (upstream, midstream, downstream) starting from the early 90s up until 2020. For each domain, we document and analyze verified attacks based on real-world reports and published demo attacks on systems. We map and catalogue the attack types used in each case, in order to understand common and subliminal attack paths against oil and gas critical operations. Our aim is threefold, i.e., first, to assess documented attacks using standardized impact assessment techniques and highlight potential consequences of cyber-attacks on this sector, second, to build a vulnerability taxonomy based on technical knowledge gathered by all such incidents and connect each vulnerability with oil and gas systems and respective attack paths, and third, to map the documented knowledge and taxonomies with MITRE's international knowledge base of Adversary Tactics and Techniques, so as to provide a general guide for analyzing and protecting against cyber-attacks at oil and gas infrastructures.