Skip to main content
Industries
Industrial Cybersecurity in the Industry
http://illustrated%20icon%20representing%20oil%20rig

42% of oil and gas ICS vulnerability advisories released in 2020 contained errors, which can prevent operators from accurately prioritizing patch management.

As threats to upstream, midstream, and downstream operations become more frequent and sophisticated, cybersecurity leaders must improve visibility into their OT networks, effectively manage vulnerabilities, and leverage a collective defense approach to protect the connected supply chain in order to continue to deliver products reliably and efficiently.

Dragos has assembled the largest team of ICS cybersecurity experts, including incident responders who were among the first on the scene of the 2017 TRISIS cyberattack that targeted safety systems in a refinery. Our unique approach combines OT threat intelligence, professional services, and the most effective and efficient ICS cybersecurity technology built on this unmatched expertise to enhance visibility, detection, and response capabilities in oil and gas environments.
Case Study

Combating threats in oil and gas environments with the Dragos Platform.

In 2018, a large North American oil refinery suspected that its industrial control systems environment had XENOTIME-related activity, a previously-known activity group behind the 2017 TRISIS attack on a Middle Eastern oil and gas refinery. Dragos stepped in to help rapidly identify malicious behavior on their networks and respond before a significant compromise.
READ THE FULL CASE STUDY
Liquid chemical tank terminal, Storage of liquid chemical and petrochemical products tank, Aerial view at night.

Visualize, Detect, and Respond to Threats & Vulnerabilities in your OT Environment

Industrial equipment (pipes, manometer/pressure gauge, levers, faucets, indicators) in a natural gas compressor station.

Our ICS cybersecurity expertise – at your fingertips.

A key challenge in the oil & gas industry is managing asset inventories and understanding overall asset visibility across large plants or geographically dispersed operations. The Dragos Platform provides ICS defenders with unprecedented visibility of their assets and communications, which helps surface threats and vulnerabilities along with operational issues that can be extremely difficult to track down. The Platform is continuously updated with Knowledge Packs that contain the latest industrial device data, intelligence-driven analytics, and prescriptive guidance via playbooks to investigate and respond to incidents.

EXPLORE THE DRAGOS PLATFORM

Gain in-depth visibility of threats & vulnerabilities oil and gas networks face.

Ransomware has emerged as a top threat to oil and gas operations, and is a focus of Dragos’s ICS Threat Intelligence analysts. Make global situational awareness part of your comprehensive security strategy with Dragos ICS Threat Intelligence. Receive pertinent threat reports, vunerability advisories, and IOCs via email or our convenient online portal.

THREAT INTELLIGENCE

Combat oil and gas cyber threats from all angles.

Dragos’s experienced Professional Services team can be dispatched to perform a variety of activities that allow you to fully understand your ICS environment and its vulnerabilities, mitigate risks, and respond to threats confidently. A common first step is conducting Architecture Reviews to assess the ICS Program and overall Topology deployed. Then, we can conduct Tabletop Exercises to educate and prepare your cross-functional teams to respond to an incident, and also offer instructor-led ICS training classes year-round to level-up understanding and skills in OT cybersecurity.

PROFESSIONAL SERVICES
Quotation

Where Dragos differentiates from many [competitors] is in the ICS-focused expertise of its team, reflected in its intelligence-centric approach, where its deep and detailed knowledge of the specifics of the ICS threat landscape are borne out of experience.

451 Research

Known Activity Groups Targeting Oil & Gas Operations

The oil and gas industry is a prime target for adversaries seeking to exploit industrial control systems environments. An attack can happen at any point across the major stages of operations. To help protect your infrastructure, Dragos tracks nine activity groups specifically targeting oil and gas and will continue to update this list as more information becomes available.

Vanadinite adversary group trading card from Dragos
VANADINITE
since 2019
IT compromise and information gathering
KAMACITE
KAMACITE
since 2014
Known to facilitate operations leading to disruptive ICS attack
TALONITE
TALONITE
since 2019
Focused on physical destruction and long-term persistence
Xenotime logo
XENOTIME
since 2014
Focused on physical destruction and long-term persistence
dymalloy logo
DYMALLOY
since 2016
Deep ICS environment information gathering, operator credentials, industrial process details
Magnallium logo
MAGNALLIUM
since 2017
IT network limited, information gathering against industrial orgs
hexane logo
HEXANE
since 2018
IT compromise and information gathering against ICS entities
Parisite logo
PARISITE
since 2017
VPN compromise of IT networks to conduct reconnaissance
Chrysene logo
CHRYSENE
since 2017
IT compromise, information gathering and recon against industrial orgs

Defend Against Ransomware Threats _

Ransomware can directly impact OT in critical environments such as wellhead operations, compressor stations, and metering stations. And, even when it cripples the IT network, industrial processes can be impacted by forcing operators to halt OT operations as a precaution.

Events

Join us on the frontlines with the latest webinars and events.

MORE EVENTS
Dragos Industrial Security Conference (DISC)
Fri. Nov 5 – Fri. Nov 5
Virtual
Register Now