Canada’s oil and gas sector is a key part of the Canadian economy, accounting for approximately $120 billion, or about 5% of gross domestic product (GDP). The sector not only drives economic growth, but also plays a key role in national security as it supports essential services such as heating, transportation and power generation. However, the increasing digital transformation of operational technology (OT) in the sector makes it more vulnerable to cyber threats, according to a report from the Canadian Cyber Security Centre.
Key findings from the Canadian Cyber Security Centre report
According to a survey conducted by Statistics Canada, approximately 25% of all Canadian oil and gas organizations reported experiencing a cyber incident in 2019. This figure represents the highest reported number of all critical infrastructure sectors and highlights the urgent need to strengthen cybersecurity measures in Canada. The digital transformation of OT systems, while beneficial for management and productivity, has also expanded the attack surface for cyber actors and exposed these systems to a range of cyber threats.
Source: Representative photo from the report
The Canadian Cyber Security Centre has observed that moderate to advanced cyber attackers are increasingly targeting organizations indirectly through their supply chains. According to the report, this tactic allows attackers to obtain valuable intellectual property and information about the target organization’s networks and OT systems. The reliance of large industrial asset operators on a diverse supply chain that includes laboratories, manufacturers, vendors and service providers creates significant vulnerabilities. Cyber attackers can exploit these vulnerabilities to gain access to otherwise protected IT and OT systems.
The report highlights that financially motivated cybercriminals are the most significant threat to the oil and gas industry, with Business Email Compromise (BEC) schemes and ransomware attacks reportedly being particularly prevalent. While BEC is likely more common and costly than ransomware, the latter remains a major concern due to its potential to disrupt oil and gas supplies to customers.
The report concludes that the underground cybercrime ecosystem is continually evolving, with the Ransomware-as-a-Service (RaaS) model allowing less skilled attackers to launch sophisticated attacks, which has led to an increase in the number of successful incidents targeting this sector.
The report cites the May 2021 ransomware cyberattack on Colonial Pipeline as a striking example of the potential consequences of such a cyber incident. The attack forced the shutdown of one of the largest gasoline, diesel and jet fuel pipelines in the United States, leading to major disruptions to fuel supplies, hoarding and short-term price hikes. The report warns that a similar incident could occur in Canada, putting the supply of critical products and services at risk.
Financial impact of data breaches runs into millions of dollars: report
The report also highlights the economic impact of cyber threats. The cost of a data breach can vary widely and is estimated to run into the millions of dollars depending on the size and nature of the organization. The potential disruption or disruption of OT systems poses a costly threat to owners and operators of large OT assets, impacting national security, public safety and the economy.
Additionally, the Canadian Cyber Security Centre notes that the oil and gas sector has attracted considerable attention from financially motivated cyber attackers due to the high value of its assets. Cybercriminals are targeting not only operational systems, but also valuable intellectual property, business plans and customer information. The report highlights the importance of protecting these assets, as any disruption to operations could have far-reaching effects.
In light of these threats, the report urges oil and gas organizations to prioritize cybersecurity investments and adopt a proactive approach to risk management. Ongoing training and awareness programs for employees are essential to mitigate the risks associated with human error, which is often a major factor in successful cyber attacks.
The Canadian Cyber Security Centre emphasizes that public-private collaboration is necessary to effectively combat cyber threats: Sharing information and best practices can help organizations better prepare for and respond to cyber incidents.
In conclusion, the Canadian Cyber Security Centre’s findings highlight the urgent need for strengthened cybersecurity measures in Canada’s oil and gas sector. As cyber threats grow, it is essential that organizations take proactive steps to protect their operations and ensure the resilience of this critical infrastructure. The risks have never been higher in the fight against cybercrime, and the time to act is now.
