Free Webinar:

What’s causing the divide between OT and IT teams? Learn from CISOs bridging the gap.

Skip to main content
Industrial Cybersecurity in the Industry

42% of oil and gas ICS vulnerability advisories released in 2020 contained errors, which can prevent operators from accurately prioritizing patch management.

As threats to upstream, midstream, and downstream operations become more frequent and sophisticated, cybersecurity leaders must improve visibility into their OT networks, effectively manage vulnerabilities, and leverage a collective defense approach to protect the connected supply chain in order to continue to deliver products reliably and efficiently.

Dragos has assembled the largest team of ICS cybersecurity experts, including incident responders who were among the first on the scene of the 2017 TRISIS cyberattack that targeted safety systems in a refinery. Our unique approach combines OT threat intelligence, professional services, and the most effective and efficient ICS cybersecurity technology built on this unmatched expertise to enhance visibility, detection, and response capabilities in oil and gas environments.
Case Study

Combating threats in oil and gas environments with the Dragos Platform.

In 2018, a large North American oil refinery suspected that its industrial control systems environment had XENOTIME-related activity, a previously-known activity group behind the 2017 TRISIS attack on a Middle Eastern oil and gas refinery. Dragos stepped in to help rapidly identify malicious behavior on their networks and respond before a significant compromise.
Liquid chemical tank terminal, Storage of liquid chemical and petrochemical products tank, Aerial view at night.
an icon depicting cybersecurity. The green gradient icon has a square with a padlock in the middle and multiple arms

Visualize, Detect, and Respond to Threats & Vulnerabilities in your OT Environment

Industrial equipment (pipes, manometer/pressure gauge, levers, faucets, indicators) in a natural gas compressor station.

Our ICS cybersecurity expertise – at your fingertips.

A key challenge in the oil & gas industry is managing asset inventories and understanding overall asset visibility across large plants or geographically dispersed operations. The Dragos Platform provides ICS defenders with unprecedented visibility of their assets and communications, which helps surface threats and vulnerabilities along with operational issues that can be extremely difficult to track down. The Platform is continuously updated with Knowledge Packs that contain the latest industrial device data, intelligence-driven analytics, and prescriptive guidance via playbooks to investigate and respond to incidents.


Gain in-depth visibility of threats & vulnerabilities oil and gas networks face.

Ransomware has emerged as a top threat to oil and gas operations, and is a focus of Dragos’s ICS Threat Intelligence analysts. Make global situational awareness part of your comprehensive security strategy with Dragos ICS Threat Intelligence. Receive pertinent threat reports, vunerability advisories, and IOCs via email or our convenient online portal.


Combat oil and gas cyber threats from all angles.

Dragos’s experienced Professional Services team can be dispatched to perform a variety of activities that allow you to fully understand your ICS environment and its vulnerabilities, mitigate risks, and respond to threats confidently. A common first step is conducting Architecture Reviews to assess the ICS Program and overall Topology deployed. Then, we can conduct Tabletop Exercises to educate and prepare your cross-functional teams to respond to an incident, and also offer instructor-led ICS training classes year-round to level-up understanding and skills in OT cybersecurity.


Where Dragos differentiates from many [competitors] is in the ICS-focused expertise of its team, reflected in its intelligence-centric approach, where its deep and detailed knowledge of the specifics of the ICS threat landscape are borne out of experience.

451 Research

Known Activity Groups Targeting Oil & Gas Operations

The oil and gas industry is a prime target for adversaries seeking to exploit industrial control systems environments. An attack can happen at any point across the major stages of operations. To help protect your infrastructure, Dragos tracks nine activity groups specifically targeting oil and gas and will continue to update this list as more information becomes available.

Vanadinite adversary group trading card from Dragos
since 2019
IT compromise and information gathering
since 2014
Known to facilitate operations leading to disruptive ICS attack
since 2019
Focused on physical destruction and long-term persistence
Xenotime logo
since 2014
Focused on physical destruction and long-term persistence
dymalloy logo
since 2016
Deep ICS environment information gathering, operator credentials, industrial process details
Magnallium logo
since 2017
IT network limited, information gathering against industrial orgs
hexane logo
since 2018
IT compromise and information gathering against ICS entities
Parisite logo
since 2017
VPN compromise of IT networks to conduct reconnaissance
Chrysene logo
since 2017
IT compromise, information gathering and recon against industrial orgs

Defend Against Ransomware Threats _

Ransomware can directly impact OT in critical environments such as wellhead operations, compressor stations, and metering stations. And, even when it cripples the IT network, industrial processes can be impacted by forcing operators to halt OT operations as a precaution.


Join us on the frontlines with the latest webinars and events.

Thu. Jan 1
Register Now