To advertise on this website,
please write to
The Cyber Security Forum for Energy and Utilities in Abu Dhabi is fast approaching, and is aiming to address the rising need to protect assets and energy installations from cyber threats. Crucial issues such as the threats facing national networks - together with the solutions on offer – are set for discussion between 21 – 24 May.
The protection of critical national infrastructure has long been a serious concern to governments in this region, but an all-encompassing approach means achieving this is no longer limited to physical security. The widespread use of interconnected networks and control systems in national oil, gas, power, water and electricity sectors, means there is now a very real and growing need to enhance cyber security, highlighted by an ever-increasing number of international attacks.
Indeed, as a region responsible for much of the world’s energy, GCC countries are placing cyber defence as one of their priority areas for development. Saudi Arabia has plans to spend $3.3bn on oil and gas infrastructure security and Qatar, Oman, Kuwait and the UAE are set to follow suit over the coming years.
“The cyber security threat to energy installations is surprisingly widespread, running across utilities and distribution networks to generation, refining, and even drilling and exploration. Most security professionals now say that if you think you have not had your security breached then you just haven’t detected it,” says Professor Paul Dorey, director at CSO Confidential.
“Wherever there is digital technology there is the potential of cyber threat. What can change between industry sectors is the nature of the motivation of attack. Basic utilities have less information of commercial value to steal than do exploration companies bidding for assets, however both have the potential to create widespread disruption if their operations are stopped or disrupted by attack on critical cyber systems such as industrial control,” Dorey adds.
Governments and large corporations all over the world should be wary of a growing cyber menace in 2012 in particular, according to experts at Kaspersky Lab. Not only will there be a dramatic increase in the number of targeted attacks on state institutions and large companies, it is also likely that a wider range of organisations will bear the brunt of the expected onslaught.
“At the moment, the majority of incidents affect companies and state organisations involved in arms manufacturing, financial operations, or hi-tech and scientific research activities. In 2012 companies in the natural resource extraction, energy and transport industries will be affected, as well as information security companies,” warns Alexander Gostev, head of the global research and analysis team at Kaspersky Lab. “Attacks will range over more of the world than ever before, spreading beyond Western Europe and the US and affecting East Europe, the Middle East and South-East Asia.”
It has been reported that there was more than a 40 per cent increase across the Middle East in computers infected by malware in 2011. The threat of such viruses was highlighted by the discovery in 2010 of the most sophisticated cyber attack to date, Stuxnet. It was a vicious computer worm with highly specialised malware coded to target specific Supervisory Control and Data Acquisition (SCADA) systems and disrupt their operational activities but without the operators being aware of such changes.
“SCADA networks are widely used in all industrial sectors and provide essential services and commodities in a very efficient manner,” explains Dr Nick Coles, founder and organiser of the International Forum to discuss the cyber security of energy and utilities sectors in the Middle East.
“However, they were originally designed to maximise functionality with little attention paid to security. Consequently performance, reliability and safety of these highly complex and interconnected systems are invariably robust, but the security is weak, making them vulnerable to disruption of service, process redirection or manipulation of operational data that could result in public safety concerns and even loss of life,” adds Coles.
The management need for information and remote control in the modern energy business has led to the adoption of common network protocols and the connection of many of these SCADA and Industrial Control Systems (ICS) to the corporate network.