Oilers exposed: expert

AUSTRALIA’S energy sector could be exposed to significant risk by cyber attacks, particularly given the skills shortage and vulnerability via increased connectivity or the fabled Internet of Things, Symantec Australia and New Zealand chief technology officer Nick Savvides has warned.
Oilers exposed: expert Oilers exposed: expert Oilers exposed: expert Oilers exposed: expert Oilers exposed: expert

Helen Clark


Symantec last week warned that energy companies in the US, Switzerland and Turkey had been the subject of a second set of "Dragonfly" cyber attacks of unknown provenance. 
The first lot of attacks occurred between 2011 and 2014, and these latest attacks began in 2015, according to Symantec intelligence. 
Savvides says that traces of Dragonfly virus had been detected in Australia, but as the Dragonfly 2.0 was still in an intelligence gathering mode in order to build information for better attacks little damage had yet been done. 
Yet this is not a reason to begin celebrating, as Australia's energy sector remains vulnerable to attack and the possibility for widespread blackouts and other damaging events is real. 
While Savvides declined to say which companies had been targeted and which are best prepared he did tell Energy News that preparedness for cyber attacks varied greatly. 
Increasing connectivity and the Internet of Things, now prevalent in the Australian energy sector, is complicating matters. 
"It increases our threat attack surface as way more data than ever before is generated and it's harder to look for anomalous behaviour … [and] most of the makers of the internet of things are not interested in security or a complete secure stack," Savvides told Energy News.
"The industrial internet of things becomes even worse… the vendors don't like people adding things or patching systems (for security) which leads them to being more vulnerable, which is why we saw people being affected by WannaCry." 
Large companies like Woodside Petroleum have invested heavily in AI and the IoT, with huge amounts of data being fed from projects directly back to Watson in Perth, the IBM-developed AI used by the company. 
There are standards that Australian companies are expected to adhere to, he says, but "when it comes to the cyber security it is not just the technology but the people, and there is a skills shortage. The biggest companies can hire the right people, and the largest number of right people".
The other issue is the sheer sophistication of the attacks, in both their intelligence-gathering ability and the damage they can cause, such as the electrical grid attacks in Ukraine this January which led to widespread blackouts. 
"What's happened over the last couple of years is that the level of expertise in the non-state actors rivals the very mature state-backed actors," Savvides said. 
Who is running Dragonfly remains unclear but a Symantec report noted that lines of French and Russian had been found in the code, which could also have been a false flag. 
"We can't attribute it to a state but state-based and state-backed actors are absolutely active on the internet today," he said.
Australia, a sophisticated economy with a certain geopolitical alignment, remains a target from varied areas.  


  • FREE coverage on the rapidly developing coronavirus pandemic. Visit our COVID-19 hub.
  • Latest COVID-19 Coverage: Govt's COVID-19 Commission under scrutiny. Read more.
  • Latest COVID-19 Coverage: NT throws cash at oil and gas industry. Read more.