Cyberattacks Pose Threat to Canada’s Automated Resource Firms

Suncor Plant

December 11, 2017

Data theft from high-profile hacks against companies like Uber and Equifax can cost consumers thousands of dollars but resource companies worry about millions in damage, along with potential injuries and death, if their technology is compromised.

The thought of a multi-tonne piece of equipment running amok or shutting down at a critical time in the resource gathering process is a nightmare scenario for chief information and security officers in the oilpatch and other resource-rich regions of Canada.

Cybercriminals are betting the company whose gear no longer obeys instructions would be willing to pay dearly to avoid such a situation.

 

“It’s no longer a bunch a pimple-faced kids in mommy and daddy’s basement — it’s organized crime,” said Daniel Tobok, CEO and co-owner of Toronto-based Cytelligence, who says his company investigates 40 data breach attacks on private Canadian companies every month, often tracing the attacks to foreign hackers.

“It’s theft of intellectual property, it’s espionage, but it all comes down to money as a motivation.”

 

He estimates the attacks cost Canada $3 billion to $5 billion per year in proceeds to criminals, adding one Calgary energy company was forced to pay $200,000 in ransom three years ago to regain control of its corrupted digital production systems.

The rise of the so-called “Internet of Things” — in which machines communicate autonomously with each other — means companies are increasingly employing automation and remote control to drive bulldozers, diggers and heavy trucks, or control drilling and processing equipment. Such automation delivers labour savings but also presents more targets for hackers, making the overall system more vulnerable to cyberattacks.

“Somebody could actually die,” said Tobok.

In a recent report, accounting firm EY said the cybersecurity risk to mining companies had jumped to third in 2017-18, from ninth the year before, on a top-10 worst risk list because the “attack surface” is getting larger as connected IT and operational devices in a typical mine or ore transport system grow into the thousands.

Executives agree the threat is real but insist they can keep hackers at bay with multiple automatic and manual shut-down systems, firewalls, strictly limited internet connections and ongoing employee training.

Kevin Neveu, CEO of Precision Drilling Corp., the largest Canadian driller which also operates in the United States, said the company has never had a successful “intrusion” although it detects unsuccessful attempts “almost daily.”

“We’re certainly concerned that someone could hack into a drilling rig,” he said.

“We’re running 20 rigs that have automation systems on them that actually control the rigs through software and tell it to go up and down, tell it to go to higher pressure or lower pressure. That software potentially could be hacked.”

He said the company has “intrusion-sensing systems” that are designed to trigger a fail-safe shutdown. The drilling crew can also shut off the rig manually and it’s possible to override the automated system and continue working without it, he said.

Steve Laut, CEO of Canadian Natural Resources Ltd., said he doesn’t want to “advertise” what the company is doing in cybersecurity but noted it has a robust plan with “four or five levels of security,” adding its major heavy oil production plants aren’t connected to the internet.

“We’re like any other corporation out there, we get attacked all the time,” he said. “Most of it bounces off our firewalls.”

 

Potash Corporation of Saskatchewan Inc. uses continuous boring machines that can mine up to 900 tonnes of ore per hour.

It wouldn’t comment for this article but warns in its annual report that cyberattacks could result in “personal injury” to employees, contractors or the public as well as computer viruses, property damage, disruptions to operations and loss of data or confidentiality.

Michael Murphy, country manager for Citrix Canada, which provides remote access for customers to applications and data, said data security is more difficult to ensure these days because the number of access points is multiplying.

Employees, third-party partners and contractors want to use their own devices to access company systems and data, each presenting a possible entry point for a cyberattack.

“I’m sure what keeps the chief information and security officers up at night is, ‘How do I make sure that the software-defined perimeter continues to be very secure but also accessible?”‘ he said.

“You can make something very secure but it doesn’t necessarily make it very productive. It has to be easy to use and very secure at the same time. The complexity of what a company has to manage today is mind-boggling.”

By: Dan Healey

Source:  https://www.theglobeandmail.com/report-on-business/industry-news/energy-and-resources/cyberattacks-pose-serious-threat-to-canadas-automated-resource-firms/article37087705/

Related Articles


Changing Scene

  • Wesco Opens State-of-the-Art Facility in Eastern Canada to Support Influx of Megaprojects in the Region

    Wesco Opens State-of-the-Art Facility in Eastern Canada to Support Influx of Megaprojects in the Region

    Wesco International has recently announced the grand opening of a new state-of-the-art facility on Higney Avenue in Dartmouth, Nova Scotia, Canada, making this the largest facility of any distributor in the Atlantic region. The new building, facilitated by Touchette Real Estate, a division of Groupe Touchette, will feature Wesco’s comprehensive suite of services and solutions including… Read More…

  • PataBid Nominated for Canadian Choice Award in Software Services

    PataBid Nominated for Canadian Choice Award in Software Services

    PataBid is proud to announce its nomination for a Canadian Choice Award in the Software Services category. This recognition highlights PataBid’s commitment to supporting the electrical contracting community across Canada by providing innovative estimating software solutions that streamline estimating processes and ensure predictable and profitable projects. Read More…


Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.


ADVANCED Motion Controls Takes Servo Drives to New Heights (and Depths) with FlexPro Extended Environment Product Line

Advanced Motion Controls is proud to announce the addition of six new CANopen servo drives with Extended Environment capabilities to their FlexPro line. These new drives join AMC’s existing EtherCAT Extended Environment FlexPro drives, making the FlexPro line the go-to solution for motion control applications in harsh environments.

Many motion control applications take place in conditions that are less than ideal, such as extreme temperatures, high and low pressures, shocks and vibrations, and contamination. Electronics, including servo drives, can malfunction or sustain permanent damage in these conditions.

Read More


Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More


Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More


JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More


Latest Articles

  • How Advanced X-Ray and AI Inspection Technologies Optimize Quality Control and Reduce Costs in SMT Manufacturing

    How Advanced X-Ray and AI Inspection Technologies Optimize Quality Control and Reduce Costs in SMT Manufacturing

    Explore how Omron’s latest X-Ray machines and AI-driven solutions are setting new standards in manufacturing efficiency and quality control. The manufacturing landscape is swiftly evolving, and Omron is at the forefront with its innovative PCB inspection machines. These systems offer profound insights into SMT production process, enhanced quality control, and can significantly reduce labor costs. Advancements… Read More…

  • KUKA Establishes New Software and Digital Business Segment

    KUKA Establishes New Software and Digital Business Segment

    Software is playing an increasingly important role in mechanical engineering. What used to be mostly solved mechanically is now done by electronics and the associated software. “With KUKA Digital, we are expanding our offering in order to position ourselves broadly for a market with strong growth potential. Our customers need products, solutions and consulting approaches to digitalize… Read More…