Cyber attacks could wreck world oil supply

Hackers are bombarding the world's computer controlled energy sector, conducting industrial espionage and threatening potential global havoc through oil supply disruption.

Oil company executives warned that attacks were becoming more frequent and more carefully planned.

"If anybody gets into the area where you can control opening and closing of valves, or release valves, you can imagine what happens," said Ludolf Luehmann, an IT manager at Shell Europe's biggest company.

"It will cost lives and it will cost production, it will cost money, cause fires and cause loss of containment, environmental damage - huge, huge damage," he told the World Petroleum Congress in Doha.

Computers control nearly all the world's energy production and distribution in systems that are increasingly vulnerable to cyber attacks that could put cutting-edge fuel production technology in rival company hands.

"We see an increasing number of attacks on our IT systems and information and there are various motivations behind it - criminal and commercial," said Luehmann. "We see an increasing number of attacks with clear commercial interests, focusing on research and development, to gain the competitive advantage."

He said the Stuxnet computer worm discovered in 2010, the first found that was specifically designed to subvert industrial systems, changed the world of international oil companies because it was the first visible attack to have a significant impact on process control.

But the determination and stamina shown by hackers when they attack industrial systems and companies has now stepped up a gear, and there has been a surge in multi-pronged attacks to break into specific operation systems within producers, he said.

"Cyber crime is a huge issue. It's not restricted to one company or another it's really broad and it is ongoing," said Dennis Painchaud, director of International Government Relations at Canada's Nexen Inc. "It is a very significant risk to our business."

"It's something that we have to stay on top of every day. It is a risk that is only going to grow and is probably one of the preeminent risks that we face today and will continue to face for some time."

Luehmann said hackers were increasingly staging attack over long periods, silently collecting information over weeks or months before attacking specific targets within company operations with the information they have collected over a long period.

"It's a new dimension of attacks that we see in Shell," he said.

Article continues on next page…