Rosneft and A. P. Moller Maersk, which owns drilling firm Maersk Drilling and oil firm Maersk Oil, as well as a huge container shipping business, are among a slew of companies across the globe hit by the Petya ransomeware virus.
The virus, similar to the WannaCry virus, which hit earlier this year, has also hit global advertising house WPP, whose employees were told to turn off their computers, and Ukranian government systems.
Rosneft, Russia's largest oil producer, said it had been hit by a "massive hacker attack" and that it hoped it had no relation to ongoing court action against rival Sistema.
Rosneft has said, via Twitter, a social media platform: "The company works as usual. The situation is under control. It is premature to evaluate the cyber attack impact. The large-scale hacker attack has not affected the company production processes... due to the fact that the Company has switched to a reserve control system, neither oil production nor preparation processes were stopped."
Denmark's A. P. Moller Maersk said it had IT systems down across multiple sites and select business units. "We have contained the issue and are working on a technical recovery plan with key IT-partners and global cyber security agencies," the group said, also via social media, including Facebook.
"We have shut down a number of systems to help contain the issue. At this point our entities Maersk Oil, Maersk Drilling, Maersk Supply Services, Maersk Tankers, Maersk Training, Svitzer and MCI are not operationally affected. Precautionary measures have been taken to ensure continued operations."
Earlier this week, business consultancy Deloitte said that "In 2016, energy was the industry second most prone to cyber-attacks, with nearly three-quarters of US oil and gas companies experiencing at least one cyber incident." Yet, it said: "in their latest annual filings, only a handful of energy companies cite cyber breaches as a major risk. In fact, many US O&G companies lump cyber risk with other risks such as civil unrest, labor disputes, and weather disruptions; many non-US O&G companies don’t mention “cyber” even once in their 100+-page filings."
Deloitte says: "Oil and gas might not seem like an industry that hackers would target. But they do—and the cybersecurity risks rise with every new data-based link between rigs, refineries, and headquarters."
Worryingly, it points out: "About 1350 oil and gas fields globally, for instance, have been producing for more than 25 years, using systems and equipment from different vintages throughout that period."
Deloitte adds: "Growing digitization and interconnectedness of operations have heightened cyber risks further. The risks were lower earlier due to physical separation of systems and decentralization of security at a unit level. But today, connected technology, in the embryonic form of digital oil fields or smart fields, has opened up an altogether new landscape of attack vectors for hackers by connecting upstream operations in real time."
OE Digital E-News is the subsea industry's largest circulation and most authoritative ENews Service, delivered to your Email three times per week