Last week, in an unprecedented move, the British National Cyber Security Centre (NCSC) issued a joint statement with the FBI and the US Department of Homeland Security warning that Russia had launched a cyber attack on critical UK infrastructure.

While the threat posed by cyber attacks seems to intensify on a weekly basis, British companies face continual warnings that they are not equipped to handle a hack.

A London-based energy insurance giant is also sounding the alarm bell, saying that the insurance industry is struggling to predict the impact a cyber attack would have on UK oil and gas firms because of the novelty of the threat.

“There is no doubt that the energy industry is a target for cyber attack,” said Robin Somerville, a business development director at Willis Towers Watson.

“What we don’t know yet is to what extent it’s going to make a difference to the overall balance sheet and to what extent there’s going to be claims to the insurance market. Because you haven’t got a track record, all the models just sit there empty,” he said.

Recent US breaches serve as a warning

Earlier this month, four US natural gas pipeline operators were temporarily shut down after hackers breached a shared data network. Although no gas service was interrupted, customer data may have been stolen, and the attack highlighted the possible vulnerability of the energy system.

Tim Erlin, the vice president of product management and strategy at US software firm Tripwire, said the US has seen an increasing number of attacks – and more importantly an increasing number of successful attacks – on energy infrastructure. Andrew Lloyd, the president of security firm Corero, said the US pipeline operator hacking was “precisely the type of attack that the UK government is seeking to protect us against”.

Hackers could also spark environmental disasters, an “elephant in the room” for oil and gas companies because of the “absolutely extreme” cost associated with the worst situations, by insurance standards.

Source: City A.M.