Maritime Computer Emergency Response Team ADMIRAL dataset ADMIRAL dataset

Publicly disclosed information for this event

Index Number:
Title:
2002_002
An intrusion occurs on OT systems during a strike, impacting Programmable Logical Controllers in a [...]
Day Month Year Country Activity Incident Type
2 December 2002 Venezuela, Bolivarian Republic of Offshore Intrusion

Summary

The national oil company of Venezuela is a major entity responsible for a substantial portion of the country's economic activity and its contribution to local and world's oil supply.

According to sources, during national strike movement, an intrusion targeted OT systems of the company, as well as centrally controlled operations. An major impact would have been Programmable Logic Controllers (PLCs) at a port facility being wiped out.

Due to the intrusion, Venezuela's oil production faced a significant decline, dropping from 3 million barrels per day (BPD) to just 300 thousand BPD. Oil production had to be stopped during eight hours, a tanker waiting in the port could not be provided with oil, and PLCs had to be reinstalled.

Victim

PDVSA

Claimed/Reported Threat Actor

N/A

Origin

Political

Main impact

Integrity

References

Recommendations to Offshore to reduce Intrusion risks:

  • Implement strong access controls and authentication mechanisms to limit unauthorized access, such as Multi Factor Authentication.
  • Regularly update and patch software and systems to address known vulnerabilities.
  • Use Network Intrusion Detection Systems (NIDS) to monitor and block suspicious activities.
  • Segment your network to limit lateral movement by attackers in case of a breach.
  • Educate your employees about phishing attacks and social engineering tactics to prevent credential theft.
Previous Next
Disclaimer: the data are provided as is. France Cyber Maritime and the M-CERT take no responsibility for the soundness, quality, precision, nor the eventual attribution made by the referenced URLs. We give a lot of respect and support to the victims of attacks.
Files generated on Thursday, 10th October 2024.
ADMIRAL is licensed under the Creative Commons CC-BY-NC license. Copyright © France Cyber Maritime 2024.