Hackers prompt energy firms to learn intelligence methods

HOUSTON — Oil companies are turning to the intelligence industry for insights on how to battle the steady rush of online threats they are facing.

While many security efforts have been focused on blocking out hackers in the past, speakers at the American Petroleum Institute’s Cybersecurity Conference & Expo in Houston on Wednesday advocated for more intelligence gathering.

“The idea with anticipatory intelligence is rather than waiting to be attacked, which isn’t necessarily the best defensive strategy, it’s getting…ahead of the attacker,” said Randy Hayes, a vice president for consulting firm Booz Allen Hamilton, a major intelligence contractor for the U.S. government.

That approach involved replicating some of the capabilities of an intelligence organization, with Hayes advocating the hiring of language specialists to understand threats from foreign countries.

Q&A: Adm. Thad Allen gauges online risks to energy

Analysts with foreign language skills could help breakdown the origin of a threat, and therefore determine what tools are likely being used by an attacker, Hayes said.

“If you have a native Arabic linguist, within two minutes they could probably tell you is this an Arabic speaker or is this someone who was trained at a university,” he said.

One reason for incorporating more intelligence into cybersecurity efforts is because competitor companies owned by nations, such as those in China and Russia, are able to use the intelligence organizations of their countries against oil and gas companies.

“You compete with countries with intelligence sources and they have very straight lines from intelligence sources to companies,” said Chris Bronk, a fellow specializing in information technology and policy at Rice University’s Baker Institute. “That means you have to be fast, and you have to be smarter.”

Computer espionage efforts from other companies also means that oil company cybersecurity employees should be in regular communication with the highest level executives about its upcoming decisions and deals, Hayes said. Simply being involved with negotiations over a deal could result in increased attacks on a company, he said.

Cybersecurity conference: Overwhelmed oil companies search for ways to combat hackers

Intelligence also plays a major role because of changing threats. As security companies have reacted to hackers’ prior efforts, attackers have altered their methods, said George Ressopoulos, a senior security consultant for defense contractor Lockheed Martin.

“The defenses that we’ve put in place, the adversary has shifted their tactics to get around those defenses,” he said.