The most recent threat assessment from Canada's Communications Security Establishment (CSE) reveals that non-state threat actors aligned with Russia are expected to persist in their efforts to infiltrate the country's oil and gas sector. The CSE warns that these malicious actors will likely continue their activities until the conflict in Ukraine is resolved.
This information was disclosed on Wednesday as part of the CSE's latest threat assessment report.
Further, the Communications Security Establishment (CSE), said that although non-state threat actors associated with Russia potentially lack the same level of sophistication and technical capabilities as state-sponsored actors, however, they still possess the ability to cause significant harm. The CSE emphasizes that despite any limitations, these actors should not be underestimated in terms of their potential impact.
"We assess there is an even chance of a disruptive incident in the oil and gas sector in Canada caused by Russia-aligned actors, due to their higher tolerance for risk, the increase in their numbers and activity, as well as the number of vulnerable targets in the sector overall," CSE said in its warning report.
According to the agency's findings, individuals aiming to disrupt Canada's oil and gas supply are primarily focused on exploiting vulnerabilities at critical points, including networks comprising wide-diameter pipelines, transfer terminals, and significant refining facilities.
This assessment follows the release of confidential U.S. intelligence documents a few months ago, which indicated that hackers supported by Russia managed to penetrate Canada's natural gas distribution network.
Canada, as the fourth-largest oil producer globally, boasts a substantial oil and gas sector that plays a significant role in its economy. With approximately 600,000 employees and contributing around 5% to the country's GDP, the sector holds considerable importance.
Additionally, the Communications Security Establishment (CSE) has identified operational technology networks responsible for monitoring and controlling large-scale industrial assets as the primary target for cyber-attacks orchestrated by pro-Russian hackers.
What makes the energy sector prone to cyber-attacks?
According to cyber security firm Hornetsecurity, the energy sector has experienced a significant number of cyber attacks, representing at least 16% of reported incidents. The COVID-19 pandemic and the shift to remote work have contributed to an increase in attempted attacks, as reported by experts from the Edison Electric Institute, an American energy lobby group.
George Patterson, the director of Arrowforth, a cyber security recruitment specialist based in Oxford, suggests that younger generations, who make up a significant portion of cyber hackers, perceive the energy industry as unethical. Exploiting this perception, hackers target the industry knowing that energy companies possess financial resources and are more likely to pay ransoms to ensure uninterrupted operations.
Kristin Bryan, a senior associate at Squire Patton Boggs (UK), notes the critical nature of the energy sector and its interconnectedness with global supply chains. A cyber attack on energy companies can have far-reaching impacts, compelling affected companies to quickly pay ransoms. Additionally, companies may find it more cost-effective to pay the ransom through their cyber security insurance policy rather than undertaking expensive data recovery measures themselves.