JAN 26

Cyber attacks threaten major oil companies

 

A SAFE Intelligence Report published this month (not yet publicly available) discusses the issue of energy infrastructure cyber security – in other words, the vulnerability of our nation’s electricity, oil, and gas facilities to an attack via the internet.

It has been known for some time that diplomatic and military cyber espionage is an active and growing part of many nations’ intelligence portfolios. Among other new positions and departments in various parts of the U.S. government, there is now an assistant secretary for cybersecurity at the Department of Homeland Security and a National Cyber Investigative Joint Task Force. Yet it is now becoming clear that cyber espionage is increasingly problematic in the private sector, where unknown parties can hack into a company’s computer networks to get proprietary information or, more maliciously, can actually assume remote control of facilities, like power generation plants or pipeline pumps, and cause substantial damage to the company and the users who depend on the product. Sophisticated and customized attacks on corporate computers began around 2004 but have proliferated more recently. According to a study by McAfee, the antivirus company, in 2008 alone around $1 trillion in intellectual property was stolen worldwide through cyberspace.

Indeed, in the energy sector, where the lines between the private and public sectors, and between corporate and national interests, are often blurry, increasing cyber espionage and attacks, particularly from abroad, are of potentially grave concern to U.S. energy companies and their infrastructure.

The Christian Science Monitor, after five months of investigation, published an important article this morning documenting cyber attacks on three large U.S. oil companies – ExxonMobil, Marathon Oil, and ConocoPhillips – at least some of which came from China. The attacks typically included a false email from a colleague with an embedded link. In the case of Marathon, it was a company executive requesting (and here is perhaps a bit of humor on the part of the attacker) an analysis of the Emergency Economic Stabilization Act, the federal bailout of the U.S. banks.

Documents from company meetings with federal officials, according to CS Monitor, suggest that the information stolen was bid data on oil blocks – that is, how much oil the company believes to be held in certain areas, information they have gleaned from billions of dollars of seismic surveying and exploration wells. The federal officials said the data was of potentially great value to “state-owned energy companies.” Paul Dorey, former chief information security officer at BP, told CS Monitor that “Knowing which one of those blocks is oil-bearing – and which to go for and which not – is clearly worth something. If I was a foreign government, that’s the data I would want to get.”

What is interesting about cyber attacks on corporations, regardless of whether the attacks originate from a foreign government or a private actor, is that the companies are loath to publicly admit that their networks – and potentially the intellectual property that creates their value – have been compromised. The FBI, which according to the CS Monitor had originally notified the companies about the breaches, maintains their confidentiality as well. Therefore, we do not really know the extent to which outsiders have penetrated private networks. This is of public concern because not only do cyber attacks threaten U.S. competitiveness, but those same breaches could potentially be used for terrorist attacks that cut off crucial energy supply, leading to massive panic and economic damage.