The LockBit ransomware group has claimed responsibility for a cyber attack targeting Gran Tierra Energy, an energy company specializing in oil and gas production in Colombia and Ecuador. The cyber attack on Gran Tierra Energy has not been officially confirmed by the company, which is headquartered in Calgary, Canada. The Cyber Express reached out to Gran Tierra Energy via email to inquire about the cyber attack or any suspicious activity related to ransomware. However, as of now, no response has been received from the company.
The oil and gas industry has become a prime target for cybercriminals, with nearly 21 recorded global ransomware attacks launched on this sector in 2022. The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) has assessed that the cyber risk to the oil and gas industry is high, making it a priority target for state-sponsored threat actors, cybercriminals, and hacktivists. These attacks have resulted in substantial financial losses and disrupted services in the connected municipalities. They have also led to gasoline and diesel price hikes and shortages in the affected regions.
One notable cyber attack on the oil and gas sector was the Colonial Pipeline ransomware attack, which was carried out by the Darkside hacker group. This attack caused the disruption and halting of operations on the pipeline, which spans over 5,500 miles and supplies 45% of the East Coast’s diesel, petrol, and jet fuel. In response to the attack, the CEO of Colonial Pipeline authorized a ransom payment of $4.4 million to the hackers.
Efforts have been made to mitigate and prevent cyber attacks on the oil and gas industry. Following the WannaCry ransomware attack in 2017, the World Economic Forum launched the Cyber Resilience in Oil and Gas initiative. This initiative aims to foster international cooperation and promote a culture of cyber resilience within the industry. The initiative emphasizes the use of tamper-resistant field devices with enhanced hardware security controls, as well as the installation of updates and patches for vulnerabilities in industry software. It also highlights the importance of encrypting all devices, implementing embedded security and certificate pinning to detect and report duplicated devices, and strengthening authentication and authorization measures to prevent unauthorized access to the network. Additionally, organizations are encouraged to update their incident response plans regularly, employ next-generation AI-powered firewalls to detect malicious software, provide employee training on maintaining cyber hygiene and detecting cyber threats, and enhance phishing and email security protocols to counter malicious email attacks.
While this report provides valuable insights into the cyber attack on Gran Tierra Energy and the broader issue of cyber attacks on the oil and gas industry, it is important to note that the information presented is based on internal and external research obtained through various means. Users should exercise caution and bear full responsibility for their reliance on this information. The Cyber Express assumes no liability for the accuracy or consequences of using this information.