Wednesday, September 1, 2021

New Report Highlights an Increased Cyber Threat to Offshore Installations

Two Year Trial Looks at Latest Vulnerabilities at Sea
Shipping News Feature

WORLDWIDE – A report issued by cyber defence specialist Naval Dome in cooperation with a major energy group has raised questions about the security of offshore installations as criminal methods become ever more sophisticated.

The joint research paper, the Cyberdefence of Offshore Deepwater Drilling Rigs, presented at an Offshore Technology conference in Houston last week was the result of two years’ work. The findings published take the view that the minimum industry guidelines, regulations and security techniques are out of step with current platform technology, connectivity requirements and cyber-attack methodology.

In the paper, the authors state that pilot tests confirm traditional, ‘perimeter type’ IT transplanted OT (operation technology) cyber security solutions, such as anti-virus, network monitoring and firewalls, are not enough to protect critical safety and processing equipment from attack, leaving rigs vulnerable. The paper goes on to highlight a shortage of OT cyber domain skilled staff, regulation and controls that are slow to evolve and be implemented, an IT-centric approached being applied to an OT environment, and a mismatch between drilling rig systems and equipment and their supporting software.

In his presentation to conference delegates, Adam Rizika, Head of Strategy, Naval Dome, gave fuller details as to how current systems were inadequate to fully protect the rigs, and going on to say how the test rigs’ OT networks were penetrated using a software installation file for dynamic positioning (DP) and workstation charts. He illustrated how Israeli headquartered Naval Dome simulated an OEM service technician unwittingly using a USB stick with malicious software containing three zero-day exploits, saying:

”The modified file was packaged in a way that looked and acted like the original one and passed anti-virus scanning without being identified as a cyberattack or picked up by the installed cyber network traffic monitoring system. Penetration testing confirmed how a targeted cyber attack on a deepwater drilling rig could result in a serious process safety incident, with associated financial and reputational impact.

“Where systems installed on offshore platforms had traditionally been isolated and unconnected, limiting cyber hack success, the increase in remote monitoring and autonomous control, IOT and digitalisation has made rigs much more susceptible to attack. Although industry guidelines and regulations offer minimum standard requirements, we found the advancement in rig technology, connectivity and cyber-attack methodology has outpaced the regulations, driving the need for a more comprehensive approach.

”It is abundantly clear that more advanced purpose-built solutions are needed to better protect an offshore platform from exposure to external and internal cyber attacks, whether targeted or otherwise”

The culmination of the two year trial saw the installation and pilot testing of Naval Dome’s Endpoint cyber defence system aboard the rigs in the Gulf of Mexico prompting Naval Dome Chief Executive Officer Itai Sela, to say:

“The project and successful pilot testing of a multi-layer cyber defence solution aboard these rigs has demonstrated that both new and legacy OEM systems can be better protected from internal and external cyberattack vectors, without the need for expensive equipment upgrades, or higher overheads that lead to an increase in total cost of ownership.

“Results to date demonstrate that the endpoint system is robust and can operate without interfering with ongoing rig operations. The cost of upgrading the obsolete systems is high, and even if upgrades are undertaken vulnerabilities can still remain.”

Photo: Courtesy of Royal Dutch Shell.