Qatar could face an increased number of cyber attacks during the FIFA World Cup in 2022, with oil and gas amongst the most vulnerable sectors, an expert has said.
Large scale events have huge implications on how you protect that environment,” Rashmi Knowles, chief EMEA security architect at RSA, said on the sidelines of the RSA security conference in San Francisco.
Knowles added that the region is witnessing a growing number of attacks, particularly in certain sectors, with oil and gas being amongst the most targeted industries in the Middle East.
“Overall, threats are going up. Also, the type of attacks have changed. So earlier the focus was on custodial data such as stealing credit card information. We will still see those attacks, but the bigger threat in the Middle East is cyber espionage, which is stealing intellectual property.
“That’s almost a hidden crime – if you lose personal information, you report it. But if you are an oil company and you lost intellectual property about a new drilling platform, you don’t need to report it, yet it has a huge impact on your operations and that hidden crime is what we don’t see reported in the media.
“That’s because there’s a stigma associated with the crime – most organisations are embarrassed that they were unable to prevent the attack,” Knowles said.
According to a study by PwC, the number of reported cyber attacks carried out on oil and gas companies last year soared above 6,500 cases – a 179% increase from the year before.
Frost & Sullivan also reported that cyber security uptake is expected to surge and become “the highest-priority area for oil and gas companies”.
In 2012, Saudi Aramco, the world’s largest crude oil exporter, fell victim to one of the most notorious cyber attacks in the region’s history.
A self-replicating virus struck as many as 30,000 of Aramco’s Windows-based machines causing damage, that took the oil giant as many as two weeks to recover from.
In a seperate incident, Qatar’s RasGas was hit by the so-called Shamoon virus in 2012, which is capable of wiping clean any hard drive and its database.
“From our interaction with the market, we’ve seen that the Middle East is determined and prepared to set an example on a global scale when it comes to cyber-attacks in the oil and gas industry,” Diego Arrabal of F5 Networks said.
“However, while awareness-levels and technological capabilities to cope are at an all-time high, the region’s oil and gas industry needs to be extremely cautious about ever-evolving and increasingly complex risks.
“Looking ahead, we need to do everything we can to raise industry knowledge of the complexity and nuances of the problems, and ensure industry players, governments, as well as software and hardware vendors, are all on the same page,” he added.
