The energy sector in the Middle East is extremely prone to cyber-attacks, said DNV KEMA, world’s leading energy consultancy.
According to a statement issued today, the attention the region pays to cyber threats is insufficient when compared with the speed of technology advancement and the seriousness of effects a possible cyber-attack could have.
"As cyber security threats are not restricted to one single group but can come from different corners, it is time that we all open our eyes and take appropriate actions to protect our countries and guarantee a safe and sustainable energy provision," said Mohammed Atif, Managing Director of DNV KEMA in the Middle East.
According to available data, the incidence of cyber-attacks in the Middle East region is growing. Until recently, most of the attacks focused on computers and websites of governments and energy companies. However, a new trend has been observable lately, with increasingly sophisticated viruses targeting power stations and power grids.
Although plans have been outlined to design preventive measures to shield the Middle-Eastern energy sector from hackers, contrary to Europe and the USA, no action has been taken so far.
"It is positive that a number of states have planned investments to protect their energy infrastructure. However, the composition and implementation of well-defined cyber protection plans are lagging behind compared with other regions,” Atif said, maintaining it definitely is a reason to worry as a cyber-attack on crucial energy supplies and transiting routes in this region would affect the whole world.
Iranian government admitted recently that computers at several nuclear power stations had been infected with viruses in the past as well the computers of Iran’s national oil company.
It has been said that several aspects further complicate the situation. First, the availability of information on common cyber defence systems such as SCADA, Stuxnet and ISPs helps the hackers in their activities. Second, the fact that industrial control systems in the region are becoming increasingly interconnected with corporate IT networks and the Internet, while no cyber security measures are in place, makes many of these systems extremely vulnerable.
"Sharing responsibility between governments and companies in vital sectors is a first, necessary step in securing safe and reliable cyber networks", Atif said, stating that a possible attack can come from various groups including governments, various activist groups, and criminal or terrorist organizations.