A report in the Houston Chronicle indicates that oil rigs and platforms have been “incapacitated” by malware that employees downloaded, both whilst ashore and on the ocean-borne resource extraction implements themselves. The culprits are banal: activities involving pornography and music piracy.
What isn’t easily dismissed is the concept of an errant porn session leading to an infection that shuts down a key system on an oil rig that leads to an explosion and lengthy period of contamination. Obviously the far scenario, it does not appear to be an impossibility.
More mundane issues such as production slowdowns stemming from malware infections are more likely.
However, the ease of infection that is detailed by the Chronicle indicates not merely sloppy security practices of computing systems on key infrastructure elements, but all but no standards at all. This is not encouraging, given how desperately important oil production remains to this nation’s, to be frank, defense.
That bored employees can accidentally cause material IT damage is not excusable.
As a caveat to this, we are entering into another round of cybersecurity legislation, meaning that there will be more stories of this import over the coming months. Keep in mind that this stuff was likely happening all along, and that we are simply hearing it about it more often as the issue is hot for the time being.
This does not discount real danger, but it does place the news into context.
Top Image Credit: Mike Baird