68                                        Intelligent Digital Oil and Gas Fields


          However, most modern SCADA and DOF platforms need to have some
          mobile capability as that is becoming critical for all land-based operations.


               2.4 SPECIAL NOTE ON CYBERSECURITY

               The growth of remote systems that communicate sensitive data from
          production operations along with the growing occurrences and risks of
          hacking of communication networks has increased the focus on security
          for O&G DOF operations and systems. Before the implementation of the
          digital or connected oil fields, the industry had to face mainly traditional
          threats, such as natural hazards, human errors, physical attacks to humans
          and property. Now with the growth of connected sensors, instrumentation,
          and control systems throughout fields and systems of data connections
          through cell signals, WiMax, satellites, and cloud servers that contain
          vital commercial and proprietary data, the O&G industry faces the same
          cyber threats as any other global industry. Hence, the security of these sys-
          tems becomes an important aspect of both the O&G industry and the
          policymakers.


          2.4.1 An Overview of Cyber-Attacks in O&G Companies
          Like every major company in the world with an IT infrastructure, compa-
          nies in the O&G industry are fighting against cyber-attacks and their resul-
          tant costs. In 2004, 2700 businesses dealing with critical infrastructure had
          >13 million cybercrime incidents that were estimated to cost them more
          than $288 million USD and 150,000h of downtime (Rantala, 2004).
             Many major companies in the upstream industry have felt the impact of
          cyber-attacks including Saudi Aramco, RasGas (Qatar), and Chevron. Tra-
          ditionally, the goals of cyber intrusions have been to steal intellectual prop-
          erty, business tactics, and information. However, the attack on Saudi
          Aramco also showed evidence that the aim was to cause physical disruption
          to the O&G supply chain (Clayton and Segal, 2013).
             Cyber threats to O&G companies present a complex and increasingly
          difficult challenge for the companies, security organizations (governmental
          and industry), and the public, who may be impacted by such disruptions
          (e.g., to supply). These attacks are becoming increasingly sophisticated
          and more difficult to detect, deter and defend against, and the perpetrators
          are less “lone wolves” and more organized experts of both state-sponsored
          and self-organized groups. Incidents related to Stuxnet and Shamoom