[ad_1]
Cybersecurity experts are not surprised by revelations contained in a package of leaked US intelligence documents that show Russian-backed hackers successfully gained access to Canada’s natural gas distribution network.
But they said there is a huge difference between gaining access to a company’s network or server and actually disrupting Canada’s energy supply or causing injury or property damage.
“There’s a big disconnect between getting access to computers, in the industrial world, and knowing how to do physical things,” said Lesley Carhart, director of incident response for North America at industrial cybersecurity firm Dragos Inc.
“Criminal groups gain access to industrial facilities at any time. But just pressing a button doesn’t always lead to something important.”
The release of Pentagon documents that appeared on social media sites recently appeared to detail not only US and NATO operations in Ukraine, but also claims by Russian-backed hackers that they had successfully accessed Canada’s natural gas infrastructure.
The leaked documents do not name specific companies. CBC News and The Canadian Press have not independently verified these claims. Two companies – TC Energy and Enbridge – told the CBC their infrastructure was not compromised by hacking attempts.
There were US data leaks over the weekend that reportedly included sensitive details about the war in Ukraine, intelligence on Chinese secrets, American spying and an alleged hack of a Canadian energy company.
But the news has thrown cybersecurity concerns in the North American oil and gas sector into the spotlight.
The Communications Security Establishment (CSE), which oversees Canada’s foreign intelligence gathering and cyber security, said it does not comment on specific incidents. But it added that it is “concerned about the opportunity for disruption of critical infrastructure” in internet-related technologies “that support industrial processes.”
According to Geoffrey Cann, a BC-based author and speaker who specializes in digital issues affecting the oil and gas industry, Canada’s energy sector is routinely targeted by cybercriminals for financial gain as well as by state-sponsored hackers hoping to wreak havoc.
“You’d be surprised if they didn’t target Canadian infrastructure, because targeting energy infrastructure around the world is routine,” he said.
“And the industry is very aware of this. It’s a board-level topic.”
In 2021, a ransomware attack successfully targeted the Colonial Pipeline, the largest pipeline system for refined petroleum products in the US.
Carhart said it is no secret that state-sanctioned actors are also trying to break into oil and gas company systems for purposes of corporate espionage, sabotage or terrorism.
But he points out that industrial sites have layers of protocols and safety equipment, and simply gaining access to computer servers is not enough to cause an impact.
“Industrial facilities are made to be very safe. They are made to survive human error, and device failure.”
He said it can take years for cybercriminals to learn a company’s internal processes and equipment in order to cause an incident.
“Yes, there are countries with resources that spend a lot of time and money studying these facilities so that they can do something in the future. But does just having access to these facilities mean they can? No.”
Cann agreed that while oil and gas companies themselves should be concerned about the financial and operational risks of cyberattacks, the risk of hackers disrupting energy supplies to Canadians during critical periods remains low.
“For a hack to succeed in Canada, it must bring down an enormous amount of our infrastructure at the same time. And it is possible, but the probability is infinitesimal,” Cann said.
“Oil and gas infrastructure is constantly under attack, but there are some common occurrences that we’re hearing about, so we’re happy.”
[ad_2]
Source link