Build Resilience against Cyber-attacks, FG Tells IOCs

By Chineme Okafor

The federal government has advised oil and gas companies operating in Nigeria to build up resilience against cyber-attacks, an unhealthy phenomenon it predicted to rise in 2021.

It hinted that Nigeria’s oil industry, like most others in the world was vulnerable to such cyber-attacks, adding that leading trends such as e-commerce, mobile payments, cloud computing, big data and analytics, as well as Internet of Things (IoT), Artificial Intelligence (AI), and social media, increase cyber risk for the oil and gas industry.

Speaking through Mr. Justice Derefaka, the Technical Adviser to the Minister of State for Petroleum Resources, Mr. Timipre Sylva on gas business, at a webinar on, ‘using technology to optimise production in the oil sector,’ the government also noted that its plan for a $10 per barrel unit cost of production in Nigeria could be achieved with technology optimisation.

It explained that records from 2020 alone had shown that the estimated number of passwords used by humans and machines worldwide will grow to 300 billion, and that online hackers’ attacks occur every 39 seconds and on average 2,244 times a day.

Damages related to cybercrime, it added is projected to hit $6 trillion annually by 2021, with the global cybersecurity market net worth moving from $3.5 billion in 2004 to $120 billion in 2017.

Often, the Nigerian National Petroleum Corporation (NNPC) raises the alarm over theft of the identities of its high-profile officials mostly to perpetrate contract scams by cyber criminals; however, the government cited an August 2012 cyberattack on Saudi Aramco as a defining example.

“The self-replicating virus infected as many as 35,000 of its Windows-based machines. The whole computer-based system of the organisation was destroyed in a matter of hours.

“Shamoon was identified as the virus that caused significant disruption to one of the world’s larger oil producer. Its (Shamoon) main function is the indiscriminate deletion of data from computer hard drives,” said the government.

It further stated that the, “attack did not result in an oil spill, explosion or other major fault in operations of the organisation,” but affected its business processes, resulting in the loss of some drilling and production data.

“Saudi Aramco’s computer technicians ripped cables out of the backs of computer servers at data centers all over the world.

Every office was physically unplugged from the Internet to prevent the virus from spreading further.

“Without access to the digital payment system, the company’s ability to supply 10 per cent of the world oil was also wiped out and it had to stall the trucks waiting at its gates to take the oil away.

“(The) Company was sent back to 1970s as employees had to use typewriters and faxes in order to keep basic functions operable. After 17 days, Saudi Aramco had to start giving away oil for free to ensure supply within Saudi Arabia,” it added.

Based on this and projected rise in cyberattacks on the oil sector, the government therefore asked IOCs in the country to be cautious of and build up resilience against a virus, Ransomware in 2021.

“Ransomware damage costs are predicted to be 57 times more in 2021 than they were in 2015. This makes ransomware the fastest growing type of cybercrime. The U.S. Department of Justice (DOJ) has described ransomware as a new business model for cybercrime, and a global phenomenon.

“Global ransomware damage costs are predicted to hit $20 billion in 2021, up from $11.5 billion in 2019, $5 billion in 2017, and just $325 million in 2015, according to Cybersecurity Ventures. Ransomware attacks saw a 350 per cent increase in 2018,” it explained.

According to it: “Businesses will fall victim to a ransomware attack every 11 seconds by 2021, up from every 14 seconds in 2019, and every 40 seconds in 2016. 90 per cent of successful hacks and data breaches stem from phishing scams, emails crafted to lure their recipients to click a link, open a document.”

Notwithstanding, it also stated that its intention to cut the unit cost of oil production in Nigeria is still top on its priority list, adding that by 2021, it expects to bring down the cost to $10 per barrel.

To do this, it said the industry will have to build digital competencies to improve asset management.

It further explained that predictive maintenance has begun to replace traditional time-based preventive maintenance strategies and that this enables maintenance to be more accurate and operations more efficient.

“It is obvious that the future of asset management will be more data driven (predictive), which translates to the need for companies to invest in digital assets and human capital development such as, upskilling of the workforce on digital technologies and data analytics to enhance better decision making.

“In the digital maturity curve, the oil and gas industry is one of the lowest, only a little above the public sector. This indicates the need for a bullish transition in the industry’s digital scale.

And I think we need to do a fast catch up,” it said.

Related Articles