Energy firms at risk from cyber-attacks, pipeline sabotage: CSIS

Energy firms at risk from cyber-attacks, pipeline sabotage: CSIS | Insurance Business Canada

Energy firms at risk from cyber-attacks, pipeline sabotage: CSIS
A classified document from Canada’s intelligence agency has revealed that the nation’s energy companies are at risk due to the threat posed by cyber espionage as well as attacks on oil storage, pipelines, power transmission towers, and shipment facilities.

Reuters, under access-to-information laws, recently retrieved a confidential document from the Canadian Security Intelligence Service (CSIS), which warned energy firms of mounting risks. The document also highlighted the increasing opposition to pipeline construction in Canada and the United States, which could put the energy sector under additional threat.

Learn more about cyber insurance here.

Parts of the document were obscured for security reasons.

The document was issued last May, with speaking notes prepared for a CSIS briefing with energy and utilities sector stakeholders. In it, an anonymous official identifies a threat from foreign state-owned firms looking for confidential information about investments or takeovers.

“You should expect your networks to be hit if you are involved in any significant financial interactions with certain foreign states,” the official stated in the document.

The official continued, saying that the hackers are looking for information such as valuations to tax records and client names. The document also confirms that the CSIS had collected evidence of such espionage in the past.

Although the document does confirm the threat of hackers, it did not show the foreign states whose companies may be linked to industrial espionage or their purported Canadian victims.

A spokesperson for Public Safety Canada (which oversees CSIS) confirmed with Reuters that there has been an increase in attempted cyber-attacks, but declined to comment on specific incidents or threats.

The document also cautioned the energy sector that it was “vulnerable to explosives” and even identified a list of possible targets for sabotage. The official in the document listed a number of “terrorist attacks” since 2014 in Canada and abroad, noting that even large-scale sabotages are “technically simple”.

CSIS spokeswoman Tahera Mufti did not offer any details about the industry meeting where the document’s sensitive details were disclosed nor the official’s description of physical threats to Canada’s energy infrastructure. She did, however, say that the agency’s overall threat assessment for the energy sector has remained constant, and that the sector is a global target for hacking. She also said that detecting such threats is a “key national security priority”.

Reuters noted that none of the major energy infrastructure companies disclosed whether they had sent representatives to the clandestine risk meeting.

Related stories:
Canada sets national carbon price amidst opposition
Crescent Point Energy pipeline leak spills over to farmer’s field