According to a growing number of companies, the convergence of digital technology with the existing supervisory control and data acquisition (SCADA) infrastructure has increased the risk of cyber attacks on the oil and gas industry.

Todd O’Boyle, co-founder and chief technology officer of ‘malware’ specialist Percipient Networks, says that oil and gas companies are “lucrative targets” for people motivated to perform industrial espionage, steal intellectual property or cause critical damage to infrastructure.

Attacks are typically part of an on-going attempt by individuals and interest groups world-wide — in some cases, government agencies and nation states — to disrupt the oil and gas market and damage the financial standing of certain companies.

A recent report from the Boston Consulting Group says that the oil and gas industry’s value chain “not only offers many potential entry points for an attack but also leaves the industry vulnerable to multiple types of attack.

“Upstream data is the most vulnerable to an attack, due to data often being transmitted from old or unsecured equipment and without standard protocols or security precautions.”

Mr O’Boyle adds: “Malware has posed a threat to small and mid-size oil and gas companies that don’t have the skills or budget to deploy complex solutions to protect prime targets, while the number of ‘phishing’ attacks against the industry is also growing. Between October 2015 and March 2016, the number of attacks grew by 250%.”