Canadian oil company Suncor Energy confirmed on Monday that it was the victim of a cyberattack.
The Calgary-based energy giant said in a press release on Sunday evening that it had “experienced a cybersecurity incident”. Suncor provided no further details about the type of attack or which parts of its business were affected.
However, over the weekend, social media users complained about the inability to use credit or debit cards at the company-owned Petro-Canada gas station chain, as well as difficulties in accessing car wash services.
The chief executive of Vancouver-based cybersecurity firm Plurilock Security, Ian Paterson, said as of Friday he was also hearing that Suncor employees were unable to log into their own internal accounts. He stressed that several details about the attack and its repercussions remained unknown, while adding that his first reading of the situation was that it was not a minor data breach.
Petro-Canada posted a message on Twitter on Saturday saying the Petro-Points app and website were temporarily unavailable.
“All of these elements together suggest that there could be a significant cyber incident occurring,” Paterson said. I think it might actually be [une version canadienne de la crise du] Colonial Pipeline, like Suncor, is such a big part of the economy. »
In 2021, a ransomware attack successfully targeted the Colonial Pipeline, the largest network of refined petroleum products pipelines in the United States. It was the largest cyberattack on oil infrastructure in U.S. history, and forced the company to temporarily halt pipeline operations.
An incident that could be serious
In Canada, there has been no successful large-scale cyberattack on a national oil and gas company, although cybersecurity experts have warned for years that the country’s energy industry is an attractive target for cybercriminals. The latter term includes both financially motivated cybercriminals, such as hackers installing ransomware, as well as state-sponsored hackers seeking to create geopolitical chaos.
“This has the potential to be very, very serious for Suncor, and that’s not really a surprise,” Paterson said. The cybersecurity industry as a whole, and certainly federal and other governments, have been sounding the alarm for many years that critical infrastructure, in particular, is vulnerable. »
There is no indication that any of Suncor’s critical infrastructure, such as oil sands facilities or refineries, was impacted by the incident. The company said there was also no evidence that customer, supplier or employee data was compromised or misused.
Suncor said on Sunday that “certain transactions with customers and suppliers” may be affected as the company works to resolve the situation. She added that she informed the appropriate authorities of the incident.
Mr. Paterson noted that in the best-case scenario, Suncor will have detected the breach quickly. But he added that it was also possible that the company could take a long time to resolve the problem. “The problem here is that it’s a very large company with multiple subsidiaries and such an extensive set of services,” he explained. If the source of the threat is present and persistent, it could take a long time to eradicate it. »