Cybersecurity experts aren’t surprised by revelations contained in a package of leaked US intelligence documents suggesting that Russian-backed hackers have successfully accessed Canada’s natural gas supply network.
But there’s a big difference between gaining access to a company’s networks and servers and actually sabotaging Canada’s energy supply or causing injury or property damage, they said.
“There’s a big gap between having access to a computer in industry and knowing how to make a computer do something physical,” says Dragos Inc., an industrial cybersecurity company in North America. Lesley Carhart, Director of Incident Response, said:
“Criminal gangs have access to industrial facilities all the time.
Recently, Pentagon documents were apparently released to social media sites not only detailing U.S. and NATO operations in Ukraine, but also that Russian-backed hackers had taken control of Canada’s natural gas infrastructure. It seems that it also included a claim that it succeeded in accessing the .
There is no specific company name in the leaked documents. CBC News and Canadian Press have not independently verified this claim. His two companies, TC Energy and Enbridge, told his CBC that their infrastructure was not compromised by the hacking attempt.
However, the news has put cybersecurity issues in the North American oil and gas sector back into the limelight.
Canada’s Communications Security Agency (CSE), which oversees foreign intelligence gathering and cybersecurity, said in a statement that it does not comment on specific incidents. But he added that he was “concerned about the potential disruption to critical infrastructure” of internet connectivity technology “underpinning industrial processes”.
According to Geoffrey Cann, a BC-based author and speaker who specializes in digital issues affecting the oil and gas industry, Canada’s energy sector is targeting cybercriminals, It is routinely targeted by state-sponsored hackers hoping to wreak havoc.
“It would be a shock if they weren’t targeting Canadian infrastructure because they routinely target energy infrastructure around the world,” he said.
“And the industry is very aware of this. This is a board-level topic.”
In 2021, a ransomware attack successfully targeted the Colonial Pipeline, the largest pipeline system for refined petroleum products in the United States. It was the largest cyberattack on oil infrastructure in U.S. history, forcing the company to temporarily suspend pipeline operations.
Carhart said it’s no secret that state-sanctioned attackers are attempting to penetrate the systems of oil and gas companies for purposes of corporate espionage, sabotage, or terrorism.
But she pointed out that industrial sites have many layers of safety protocols and facilities in place, and just having access to a computer server isn’t always enough to actually affect it.
“Industrial facilities are built to be very secure. They are built to withstand human error and device failure.”
She said it can take years for cybercriminals to learn enough about a company’s internal processes and facilities to actually cause an incident.
“Yes, there are states with the resources that are spending a lot of time and money learning about these facilities and something can be done in the future. , you mean you can? No.”
Cann said while oil and gas companies themselves should be concerned about the financial and operational risks of cyberattacks, the risk remains that hackers could disrupt energy supplies to Canadians for any significant period of time. Agreed very low.
“For a successful hack in Canada, you would have to bring down a huge amount of infrastructure at the same time.
“Oil and gas infrastructure is under constant attack, but there are very few public incidents that we hear of, which is in our favor.”