As many as 35 major cyberattacks on energy and oil infrastructure have taken place since 2017, making up one-third of all cyberattack incidents of the past five years, data from the S&P Global Platts Oil Security Sentinel research project showed on Friday.
Since 2017, the U.S. has been the most targeted country, followed by the UK and Saudi Arabia, according to S&P Global Platts Oil Security Sentinel.
Several high-profile cyberattacks have occurred in the past year alone, including the major ransomware attack on the computer network of the key fuel pipeline for the U.S. East Coast, Colonial Pipeline. That cyberattack in May 2021 forced the pipeline operator to shut it down for five days. The cyberattack and the subsequent shut down of the pipeline resulted in fuel shortages, a run to gas stations, and a spike in U.S. gasoline prices.
A month after the Colonial Pipeline attack, U.S. Secretary of Energy Jennifer Granholm said there were malign cyber actors capable of shutting down the U.S. power grid or parts of it, calling for increased public-private cooperation in fending off cyberattacks.
The world’s biggest oil company, Saudi Aramco, also suffered an attack in the summer of 2021. The state oil giant of the world’s largest oil exporter, Saudi Arabia, suffered a data breach in which cyber-attackers stole 1 terabyte of proprietary data and were selling it on the dark web. The Aramco data leak was the subject of a ransom demand of $50 million in cryptocurrency, The Associated Press reported at the time, adding that the Saudi oil giant told AP the leak had come from one of the company’s contractors.
In one of the latest cyberattacks on oil infrastructure, operations at the oil terminals of some of northwest Europe’s biggest ports were disrupted early this month by a large-scale cyberattack. Antwerp in Belgium—Europe’s second-largest port after Rotterdam—and the major German port Hamburg were among those targeted in the cyberattack. Company IT systems were also affected at the major oil trading hub Amsterdam-Rotterdam-Antwerp, which appeared to be one of the main victims of the cyberattack.