Insurance Jottings

Cyber Criminals Still Busy Amid Pandemic

How to contend with COVID-19-driven demand destruction has captured much of the oil and gas industry’s attention in recent months.

 

Another formidable threat, which has risen markedly since last year, deserves much vigilance from many industry players. That is the message James Bright, senior underwriter with London-based Brit Insurance, recently conveyed to Rigzone.

 

firm covers potential physical and financial impacts of cyber-attacks for oil and gas firms.

 

“Hacks to oil and gas control systems can result in unauthorized amendments to software and the processes they are controlling with potentially devastating consequences,” Mr Bright said.

 

“While there have been some public reports of the impact that a cyber-attack can have on the physical processes in a plant or offshore rig, awareness is still limited – meaning many businesses still have exposures not adequately dealt with by their insurance policies.”

 

As Mr Bright told Rigzone, cyber-criminals are exploiting many oil and gas industry players’ preoccupation with COVID-19. Read on to learn more about what firms can do to better protect themselves.

 

Rigzone: How has COVID-19 influenced the number and severity of cyber-attacks?

 

James Bright: Since the global proliferation of COVID-19 from February onwards, the number of cyber-attacks has risen by over a third year-on-year. This increase in malicious cyber-attacks has primarily had an impact on organisations on the frontline of the global response, including the World Health Organisation (WHO), healthcare services and charities addressing the pandemic.

 

It is not only companies which have been targeted, with a huge uptick reported in the number of scams and phishing schemes taking advantage of individuals’ fear and confusion around the virus.

 

Rigzone: How has this affected the oil and gas industry?

 

Bright: With the downturn in oil and gas prices, many bad actors recognise that the industry’s attention and priorities are elsewhere and will look to exploit this distraction. If a cyber-attack were launched on an oil and gas business in the current environment, many companies simply wouldn’t have the ability to provide an effective response.

 

Additionally, with the movement of people heavily restricted, executing existing response plans and establishing crisis teams to work on the ground to restore critical systems and services would no longer be possible.

 

Rigzone: How might an oil and gas company sustain a cyber-attack?

 

Bright: The industry is ever more dependent on technology to gain efficiencies and automate processes and systems. Hacks to these control systems can result in unauthorised manipulation of software and the processes they are controlling.

 

The most common modes of cyber-attack facing oil and gas companies are via malware, ransomware and phishing. These attacks are often performed with social engineering campaigns leveraging malicious e-mails which force victims to install malware which steals financial data, personal information and can act as a back door into the systems of a company.

 

This type of attack by bad actors could also extend to disabling national electricity grids, starting electrical fires, disabling safeguards and warning systems, causing explosions and loss of life on oil rigs.

 

Such events could result in a whole range of losses, including capital asset damage, long-lasting business interruption and loss of earnings.

 

Rigzone: Oil and gas companies are grappling with two major challenges: a sharp downturn and COVID-19. Given these extraordinary circumstances, are they inevitably more vulnerable to cyber-attacks?

 

Bright: Cyber-criminals are always seeking to exploit vulnerabilities in the information technology (IT) infrastructure and security of companies and may see the oil and gas sector as one currently distracted, prioritising crisis management and other areas of their business.

 

The industry has historically been complacent. Cyber incidents such as data breaches are widely reported, leading many oil and gas companies to believe that cyber risks are only of concern to businesses which hold or store large volumes of sensitive data.

 

However, a number of high-profile hacks in recent years have demonstrated that they energy and petroleum sectors are among the most vulnerable, and the methods used to gain access to them are becoming increasingly innovative and more sophisticated.

 

Simulations and penetration tests have shown that bad actors could be capable of causing physical damage remotely, ranging from power outages to major fires and destructive attacks on critical assets.

 

In the cases of energy and critical national infrastructure, this risk could enter the realm of cyber terrorism and state-sponsored attacks.

 

Rigzone: What would you suggest an oil and gas company do in regard to cyber-security during these challenging times?

 

Bright: Historically oil and gas systems, both upstream and downstream, have not been designed with security in mind – but instead for efficiency and durability.

 

Oil and gas companies should take a risk-managed approach to cyber threats, weighing up the potential risk of a cyber-security breach and the resultant costs.

 

By first identifying the key assets which they need to protect, they can begin to build the systems and protocols to detect, respond and recover from an incident.

 

Primarily, this means having the right governance and technical solutions, such as firewalls and robust patch downloads in place as well as managing the human risk.

 

Many insurers provide companies with additional “value-add” services to the industry, including extensive risk management training tools and access to global cyber experts – including IT and forensic specialists, lawyers and crisis public relations.

 

US Issues Maritime Advisory on Sanctions for Ship Owners, Insurers

On the 14th May, the Trump administration issued guidelines to help ship owners and insurers avoid the risks of sanctions penalties, standards that maritime players and senior State Department official said they were modified following months of discussions with industry.

 

The guidelines, known as a Global Maritime Advisory, concern sanctions on Iran, North Korea and Syria.

 

The State Department said it is committed to disrupting sanctions evasion and smuggling of goods, including oil exports from Iran, which the Trump administration imposed sanctions on soon after pulling out of the Iran nuclear deal in 2018.

 

Global shippers and insurers had balked at an initial outline of the advisory that the State Department previewed in March, arguing it would have disrupted international trade with legal questions.

 

The senior State Department official, speaking on the condition of anonymity, said talks with industry had occurred for months, adding that he and his team had held multiple meetings in London, Washington and other parts of the world with the industry so that the end document was not “America-centric.”

 

We have worked through several iterations of this document with industry and each iteration was an improvement upon the previous one,” the official said. “We have an open line and ongoing dialogs with a range of industry representatives of this industry.”

 

Sanctions Enforcement

The Trump administration has ratcheted up its sanctions enforcement on countries like Iran and Venezuela, and, for example, imposed penalties on a unit of Chinese shipping giant COSCO last year for transporting blacklisted crude. It said it will target intermediaries as well as ship-to-ship transfers.

 

The maritime advisory was first outlined on the 9th March by David Peyman, a State Department deputy assistant secretary. He said then the advisory would, among other things, warn shippers not to turn off transponders and to not store Iranian oil.

 

Mr Peyman has since left that role to take another job at the State Department, and Andrew Weinschenk is now an acting deputy assistant secretary of state for counter threat finance and sanctions.

 

A former senior adviser to a financial intelligence official at the US Treasury Department said the guidelines raise the bar for sanctions compliance for everyone from ship owners, vessel captains, insurance companies and financial institutions.

 

“While framed as non-binding guidance, the message that US authorities are sending is clear: Companies in the maritime sector need to significantly increase their compliance postures to avoid running afoul of US sanctions,” said Eric Lorber, the former Treasury adviser and now vice president at K2 Intelligence FIN.

 

The industry was concerned that parts of the original advisory plan, which encouraged ship captains to take photographs of parties conducting ship-to-ship transfers and make them available to the authorities, would have run into legal issues.

 

Insurers had also been concerned about initial guidelines on ship transponders, which some shippers of sanctioned oil have turned off in the past, but which also sometimes fail during severe weather.

 

While the Trump administration incorporated changes over the last few months, industry still had concerns.

 

“It is important to recognise that the sectors of the maritime industry targeted by the guidance are often subject to complex domestic and international regulation that may impose conflicting requirements on a party,” a maritime source said.

 

UK Regulator Announces Pandemic Relief Measures for Insurance Customers

The Financial Conduct Authority (FCA) announced a set of measures to help insurance customers who may be suffering financial difficulties as a result of coronavirus pandemic.

The measures include premium reductions, discounts, waiving fees and premium payment deferrals.

 

FCA explained these actions could result in monthly premium reductions for customers paying by instalments or a partial refund of the premium for customers who have paid up front.

 

“Many firms in the insurance industry have already taken some of the actions we are suggesting here to support customers, such as premium reductions, discounts, waiving fees, and payment deferrals,” commented Sheldon Mills, interim executive director of Strategy and Competition at the FCA.

 

The measures come into force on the 18th May and will be reviewed in the next three months and may be revised if appropriate.

 

Mr Mills said the measures, which were confirmed on the 14th May, “will provide urgent support to those who need it.”

 

“As the FCA has recognised, since the start of the pandemic, insurers have taken wide-ranging action to support customers who may be facing financial difficulty,” said an ABI spokesperson.

 

“We have also set up industry-wide pledges in motor, home, travel, pet and business interruption insurance to assist customers during this difficult time,” the spokesperson continued.

 

Lloyd’s underwriting room closed until “at least August”: Neal

Lloyd’s closure of the underwriting room will not be lifted before August at the earliest, Lloyd’s CEO John Neal confirmed on the 14th May while also reassuring that the industry can “without a doubt” withstand the loss impact of Covid-19.