Houston is famously known as the “Energy Capital of the World.” This is due to the region’s vast oil reserves and its strategic location for transportation. The city is home to numerous oil and gas companies, power plants, and critical infrastructure. With the increasing digitalization and adoption of cutting-edge technology in the energy sector, the issue of cybersecurity is taking on particular urgency. We explore the threats, challenges, and ways to prevent cybercrime in the energy domain next on houston-future.com.
The Rise of Cyber Threats
It’s nearly impossible to imagine the modern world without energy. Consequently, this sector will always be a priority target. Energy sector owners have always been subject to attacks from dishonest individuals seeking easy profit. We also can’t discount terrorist organizations, as energy facilities frequently become targets for their attacks—and not just in the movies.
For instance, Halliburton, a global leader in oilfield services headquartered in Houston, invests significant funds in its organizational security. However, all these measures couldn’t protect the company from a powerful cyberattack. In August 2024, the corporation suffered a massive network-based attack. The scale was so vast that it affected energy operations across North Houston and disrupted global network connections. This incident underscored the vulnerability of even the largest energy market players to cyber threats.
Slightly earlier, in May 2021, an aggressive cyberattack was launched against Colonial Pipeline. This company operates pipelines spanning over 8,850 km (5,500 miles) with a capacity of over 3 million barrels of fuel per day. The pipeline route begins in Houston and ends at the Port of New York and New Jersey, underscoring Colonial Pipeline’s massive scale. Colonial Pipeline certainly maintained the highest level of security for its assets, employing the best cybersecurity specialists. Yet, they couldn’t avert the external attack. The aggressive cyberattack led to the shutdown of one of the largest fuel pipelines in the US, which, at the time, supplied about 45% of the fuel to the East Coast. This event became a major wake-up call for the entire energy sector regarding the urgent need to strengthen cybersecurity.
Primary Attack Vectors
According to research by SecurityScorecard and KPMG, 67% of security breaches in the US energy sector involve third-party interference. Furthermore, password leaks remain a serious issue for Houston energy companies. A Black Kite report indicated that 77% of US energy sector enterprises have at least one publicly leaked password, making them vulnerable to attacks.
The following methods are among the most common ways cyberattackers inflict damage:
- Attacks on Industrial Control Systems (ICS). These attacks aim to disrupt or alter processes related to the extraction, transportation, and refining of energy resources. The goal of attackers is to disable company infrastructure or steal industrial secrets.
- Ransomware Attacks. Following a breach and unauthorized access to company data, cyber criminals block access and demand a ransom to restore data access. This sometimes leads to a complete shutdown of company operations.
- Phishing and Social Engineering Attacks. Attackers manipulate employees via email, phone calls, or personal contacts to obtain credentials. Once access is gained, the criminals distribute malicious software.
- Supply Chain Attacks. This method aims to compromise third-party software, hardware, or service providers who have access to the energy companies’ networks.
- Attacks on Corporate IT Networks. The goal is the theft of intellectual property, financial data, disruption of business processes, or the use of corporate resources for further attacks.
- DDoS Attacks. Overloading energy companies’ websites and online services with a large number of requests, rendering them inaccessible to customers and partners. This attack is sometimes used as a distraction while another hack occurs simultaneously on a different target.
- Insider Threats. Malicious actions carried out by the company’s own employees (former or current). This results in data theft, intentional system damage, or the transfer of information to competitors or attackers.
Efforts to Strengthen Cybersecurity
Given the constant growth of cyberattack risks on energy infrastructure, the city is actively implementing a range of initiatives to protect it. The main measures include:
- Partnership with Federal Agencies. Houston energy companies collaborate with the US Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA). These joint efforts help preventively detect vulnerabilities and respond quickly to cyberattacks.
- Training and Attack Simulations. Energy companies regularly conduct personnel training, modeling cyber incidents, especially at critical facilities such as oil refineries and gas hubs. In November 2024, Houston hosted the Jack Voltaic 2.0 exercises, organized in cooperation with the US Army Cyber Institute. These exercises simulated simultaneous cyberattacks and natural disasters to test the city’s readiness for such events.
- Investment in Innovation. Major players with Houston offices, including Shell, Chevron, and CenterPoint Energy, are investing in the development of internal monitoring systems. They use various methods to prevent external interference. Among the latest innovations is the use of Artificial Intelligence (AI) to detect suspicious activity.
- Participation in Joint Initiatives. The Houston Energy Cybersecurity Collaborative was established in 2022, bringing together the public sector, private companies, and universities to exchange real-time threat information.
- Focus on Industrial System Protection. Special attention is given to protecting SCADA systems, which manage real-time operations. Their modernization remains a key priority.
Conclusion
Houston’s energy sector faces continuous cyber threats that can have serious consequences for the economy and security. The incidents involving Halliburton and Colonial Pipeline demonstrate that even large companies are not immune to attacks. Therefore, it is necessary to constantly improve security systems, train personnel, and strengthen cooperation among various industry participants.
Given Houston’s strategic importance in the energy sector, ensuring cybersecurity must be a top priority for all stakeholders. We must remember, however, that cyber criminals will always strive to be one step ahead.