Oil and Gas Sector Faces Escalating Cybersecurity Threats

Cyberattacks on critical infrastructure in Latin America have intensified, with the oil, gas, and energy sectors being the most heavily targeted. According to cybersecurity firm Kaspersky, these industries account for 27% of cyberattacks in the region, highlighting significant vulnerabilities in these critical sectors.

In Mexico, 10% of companies reported online security incidents over the past two years, attributing these breaches to inadequate cybersecurity funding. Following the energy sector, the transportation and logistics industries have also been significantly impacted, recording 18% of cyber vulnerabilities. Manufacturing, another key sector, has experienced 15% of cyber incidents, emphasizing the need for improved security practices across various industries.

To bolster their defenses, Mexican companies are implementing several key measures. These include deploying threat detection software (51%), introducing endpoint protection software (42%), hiring additional IT professionals (49%), and adopting cloud-based software solutions (23%), reports Kaspersky. Claudio Martinelly, Director General Latin America, Kaspersky, emphasized that the information security departments within companies must not only justify these investments but also ensure their effectiveness in mitigating risks.

PEMEX Acknowledges Growing Cybersecurity Risks

Earlier this year, PEMEX recognized cybersecurity threats as one of its primary risks. The company admits that such threats could lead to significant disruptions in operations, financial losses, reputational damage, and other serious consequences. PEMEX's reliance on information technology systems and services makes the integrity of these systems crucial to avoiding direct harm.

In a report to the US Securities and Exchange Commission (SEC), PEMEX acknowledged the increasing sophistication, coordination, and cost of cyberattacks, which could directly target its operations. The report references a significant cyberattack in 2019, where PEMEX's systems were compromised by ransomware, leading to disruptions in strategic operations, particularly in the Southeast Basin, and fuel distribution. The affected systems had to be operated manually, underlining the severe impact of such breaches.

To mitigate these risks, PEMEX has contracted third-party cybersecurity experts to identify vulnerabilities, train staff, and address emerging threats. This proactive approach aims to strengthen the company’s defenses against increasingly sophisticated cyber threats, ensuring the continuity of its critical operations and protecting its financial stability.