The WannaCry ransomware attack, which infected over 200,000 computers in 150 countries, hitting government, healthcare and private businesses, should act as a stark warning to everyone in the oil and gas industry.
These are not isolated attacks and it’s critical to consider protecting your systems and business now and in the future. Swinton Technology provide reactive support and through our system maintenance and support contract support, can deliver peace of mind for the lifecycle of your system.
What you should be aware of and what immediate action you should take.
We are advising all operators to examine their systems fully to make sure that they are not vulnerable to attack.
Any unpatched Windows operating system is at risk from attack, from Windows XP to the latest Windows Server 2016, as is any system without a solid backup in place.
Metering Supervisory Computers (MSCs) are the ‘cash register’ for many oil and gas assets and are critical to these business operations. Any loss of data or MSC downtime can lead to measurements being missed and the loss of vital information. This can have serious consequences for businesses.
The malicious payload system is designed to encrypt files on the machine rendering them unreadable by the user. The ransomware encrypts a computer’s hard disk and any files on network server folders. The only sure way of removing this software, is to perform a reinstallation of the operating system. Any encrypted files will be lost during the reinstallation.
Having a backup procedure in place before any infection is a must! Even with the vulnerabilities patched, ransomware is still able to infect a machine by other means, such as USB flash drives, emails or infected websites.”
Here is our ‘action list’ of issues that oil and gas industry operators need to address to reduce their vulnerability to attack:
Assess your backup procedures
It is imperative that a robust backup procedure is in place on every Process Control Network (PCN) to protect against data loss, either through ransomware, viruses or system failures.
Even with a fully patched operating system, malware can still compromise a system via different mediums such as USB flash drives, emails or infected websites.
Swinton Technology provides robust backup solutions tailored to your specific needs.
Look at your patch management
We recommend that the latest patches released by Microsoft are always installed on any machines within the PCN.
This helps mitigates threats such as the WannaCry worm. However, we also recommend performing patch testing offline before rolling out patches on a live PCN. This ensures they do not negatively impact the operational stability of the systems.
The first step in the protection process is to make sure there is a solid back-up of the system. Our team can help in this and we work with our customers to identify all the required patches.
Once identified, we will test the impact of the new patches on the PCN ‘offline’ to avoid any potential risk to the site. We will then issue a patch report to allow the customer to install all the ‘approved’ patches. Alternatively we can upload these patches remotely or manually on site.
Mitigate against future risks
This is vital in the continual fight against cyber-crime and anti-virus management plays a key role in this.
Our experts can assess the current anti-virus protection and advise on the robustness of the system. Once a suitable approach has been identified we will then work to ensure that all ‘definition updates’ are included on the system.
‘Obsolescence management’ is also important. We can identify all vulnerable software and hardware and we will work with customers to put a phased upgrade plan in place. As well as phasing out the obsolete products we can assist in disaster recovery planning should the worst happen.
Longer term protection support
Although systems can be at risk, Swinton Technology clients with maintenance and security contracts take confidence in our robust processes and reporting to protect their assets.
Here at Swinton Technology we have many years of experience working on PCNs and understand the complexities around the patch management of MSCs.
We’re actively working with our clients that have support contracts to help mitigate the risk of the recent ransomware attack as well as protect against future security vulnerabilities.
We are providing robust backup solutions tailored to the specific needs of our clients and are specifically experienced with PCN and metering systems. Also, we provide the technical expertise that ensures supervisory systems are updated in a controlled manner.
For more information and to discuss your system security email - support@swintontechnology.com or call Richard Horsman (Service and Software Support) on 01653 602681.