Skip to main content
Industrial Cybersecurity in the Industry

42% of oil and gas ICS vulnerability advisories released in 2020 contained errors.

As threats to upstream, midstream, and downstream operations become more frequent and sophisticated, cybersecurity leaders must improve visibility into their OT networks, effectively manage vulnerabilities, and leverage a collective defense approach to protect the connected supply chain in order to continue to deliver products reliably and efficiently. Dragos has assembled the largest team of ICS cybersecurity experts, including incident responders who were among the first on the scene of the 2017 TRISIS cyberattack that targeted safety systems in a refinery. Our unique approach combines OT threat intelligence, professional services, and the most effective and efficient ICS cybersecurity technology built on this unmatched expertise to enhance visibility, detection, and response capabilities in oil and gas environments.
Case Study

Combating threats in oil and gas environments with the Dragos Platform.

In 2018, a large North American oil refinery suspected that its industrial control systems environment had XENOTIME-related activity, a previously-known activity group behind the 2017 TRISIS attack on a Middle Eastern oil and gas refinery. Dragos stepped in to help rapidly identify malicious behavior on their networks and respond before a significant compromise.
Liquid chemical tank terminal, Storage of liquid chemical and petrochemical products tank, Aerial view at night.

Visualize, Detect, and Respond to Threats & Vulnerabilities in your OT Environment

Our ICS cybersecurity expertise – at your fingertips.

The Dragos Platform provides ICS defenders with unprecedented visibility of their assets and communications, knowledge of threats and vulnerabilities through intelligence-driven analytics, and prescriptive guidance via playbooks to investigate and respond to incidents.


Gain in-depth visibility of threats & vulnerabilities oil and gas networks face.

Make global situational awareness part of your comprehensive security strategy with Dragos ICS Threat Intelligence. Receive pertinent reports via email or our online portal, and participate in live quarterly webinars with our deeply experienced team of ICS/OT intel analysts.


Combat oil and gas cyber threats from all angles.

Dragos’ experienced Professional Services team can be dispatched to perform a variety of activities that allow you to fully understand your ICS environment and its vulnerabilities, mitigate risks, and respond to threats confidently. Instructor-led ICS training classes are also available year-round.


Where Dragos differentiates from many [competitors] is in the ICS-focused expertise of its team, reflected in its intelligence-centric approach, where its deep and detailed knowledge of the specifics of the ICS threat landscape are borne out of experience.

451 Research

Known Activity Groups Targeting

The oil and gas industry is a prime target for adversaries seeking to exploit industrial control systems environments. An attack can happen at any point across the major stages of operations. To help protect your infrastructure, Dragos tracks nine activity groups specifically targeting oil and gas and will continue to update this list as more information becomes available.

Vanadinite adversary group trading card from Dragos
since 2019
IT compromise and information gathering
since 2014
Known to facilitate operations leading to disruptive ICS attack
since 2019
Focused on physical destruction and long-term persistence
Xenotime logo
since 2014
Focused on physical destruction and long-term persistence
dymalloy logo
since 2016
Deep ICS environment information gathering, operator credentials, industrial process details
Magnallium logo
since 2017
IT network limited, information gathering against industrial orgs
hexane logo
since 2018
IT compromise and information gathering against ICS entities
Parisite logo
since 2017
VPN compromise of IT networks to conduct reconnaissance
Chrysene logo
since 2017
IT compromise, information gathering and recon against industrial orgs

Defend Against Ransomware Threats _

Ransomware can directly impact OT in critical environments such as wellhead operations, compressor stations, and metering stations. And, even when it cripples the IT network, industrial processes can be impacted by forcing operators to halt OT operations as a precaution.


Join us on the frontlines with the latest webinars and events.

Dragos Industrial Security Conference (DISC)
Thu. Nov 5
Register Now