Oil Tankers Hacked: New Malware Steals Oil Industry Information

May 28, 2015 – A new kind of cybersecurity incident has come to light this month, after extensive research by Panda Labs, a cybersecurity company. It involves the oil transportation industry. It appears that a large number of companies that deal in the storage and transportation of oil had been hacked in a somewhat unique fashion, in which oil inventory related data was stolen. It seems that real documents, such as “Proof of Product” or “Authority to Sell”, were stolen by the cybercriminals by hacking into the tanker companies' systems. These stolen documents were then used to defraud oil brokers and traders on a massive scale. This scam is thought to have been going on for at least a couple of years, and nobody in the oil industry seems to be willing to comment.

This is another problem faced by cybersecurity firms: even after the attacks have been discovered, perhaps along with some clues that may lead to the perpetrators, people are reluctant to come forward, as doing so may open up a chain of liabilities and claims against the company from other companies and entities that may have been swindled.

Oil tanker moored at a terminal. Picture used for representational purposes only.

Every day, about 250,000 malware programs are estimated to be released by criminals, and thus it is an uphill task for any company to keep its security systems updated. In this particular case, the malware was apparently triggered by an email that arrived from an unknown source and contained a PDF attachment, in a typical phishing attack. The document was not a PDF; only the icon used to display it was an Adobe Acrobat icon, so the recipient was fooled into opening it and launching the malware.
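Because an icon says nothing about what a file really is, a mail filter can compare what an attachment claims to be with its leading bytes. The following is an added example, not code from the article or from Panda Labs; it assumes the disguised file was a Windows executable (the article only says it was not a PDF), and all filenames, message contents and verdict names are constructed.

```python
from email.message import EmailMessage

# Leading bytes of a few file types. Strict check: "%PDF-" must be at offset 0.
MAGIC = {b"%PDF-": "pdf", b"MZ": "windows-executable", b"PK\x03\x04": "zip"}

def sniff(data: bytes) -> str:
    """Identify content by its leading bytes, ignoring name, MIME type and icon."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"

def audit_attachments(msg: EmailMessage):
    """Return (filename, detected_kind, verdict) for each attachment."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        kind = sniff(data)
        claims_pdf = (part.get_content_type() == "application/pdf"
                      or name.lower().endswith(".pdf"))
        if kind == "windows-executable":
            verdict = "block"        # assumption: executables are never wanted by mail
        elif claims_pdf and kind != "pdf":
            verdict = "quarantine"   # labelled as PDF, content says otherwise
        else:
            verdict = "allow"
        findings.append((name, kind, verdict))
    return findings

def build_sample() -> EmailMessage:
    """Constructed message: one real PDF header, two mismatches."""
    msg = EmailMessage()
    msg["Subject"] = "Documents attached"
    msg.set_content("Please see the attached files.")
    msg.add_attachment(b"%PDF-1.4\n% constructed sample\n",
                       maintype="application", subtype="pdf", filename="report.pdf")
    msg.add_attachment(b"MZ\x90\x00" + bytes(60),
                       maintype="application", subtype="octet-stream", filename="document.exe")
    msg.add_attachment(b"<html>not a pdf</html>",
                       maintype="application", subtype="pdf", filename="statement.pdf")
    return msg

if __name__ == "__main__":
    for finding in audit_attachments(build_sample()):
        print(finding)
```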

You can read more details about the attack here.