Blog / 2 min read
Cybersecurity remains a prominent concern for midstream and downstream oil & gas companies, as we've seen a steady stream of targeted cyberattacks aimed at enterprises within the sector. In fact, in just the past few months, oil & gas companies have faced Ryuk ransomware attacks and campaigns using Agent Tesla malware to collect credentials and sensitive data.
Fortunately, the cybersecurity industry continues to counteract evolving cybercrime tactics with ongoing innovations in cyber defense. In January 2020, the MITRE ATT&CK for ICS framework was released, providing security teams a useful tool for detection of OT security threats, detailing 81 techniques used to compromise ICS networks. Meanwhile, the U.S. Department of Energy continues working with industry partners on an updated model to help oil & natural gas organizations measure and improve cybersecurity capabilities and understand security posture.
Since our founding, Claroty has been at the forefront of OT security. Over the years, we've done a lot of work with midstream and downstream oil & gas companies as they are pivotal to the world's critical infrastructure, making them a focal point for attackers. Indeed, today we work with nearly 60% of the top 50 oil & gas refineries and pipeline operators globally. Some of the top OT security challenges we help empower them to overcome include:
An expanding attack surface due to digital transformation. Digital transformation initiatives, like those that boost the efficiency of refinery and pipeline operations and performance audits, usually require some degree of IT/OT connectivity. Without the proper controls, this expanded attack surface can introduce risk.
Limited visibility due to the composition of OT networks. Geographic distribution, prevalence of legacy systems, and a diverse patchwork of assets from different vendors that use different proprietary protocols, make it challenging to inventory OT assets and establish behavioral baselines to identify and address potential risks.
Limited detection and vulnerability management capabilities due to limited visibility. The limited visibility that makes it difficult to establish a behavioral baseline also makes it difficult to detect other types of threats and vulnerabilities such as known threats, high-risk behaviors, and full-match vulnerabilities.
Insufficient controls for remote access to OT networks. Given the widespread geographic distribution, a vast physical footprint, and heavy reliance on contractors and third-party OT vendors, OT remote access is typically a critical necessity. But without capabilities like granular policy- and role-based access controls, OT remote access remains extremely risky.
Download Claroty's Midstream and Downstream Oil & Gas Industry Snapshot for more details on the challenges we see this sector facing, how we help customers overcome them to achieve effective OT security, and sample architectures for deployments of The Claroty Platform among these customers.