Arabian Gulf nations are stepping up efforts to defend energy infrastructure from hackers as they make multibillion-dollar investments in the oil and nuclear sectors.
Adnoc team targets cyber crime defence
A team of 20 people from the Abu Dhabi National Oil Company and its subsidiaries are examining how to bolster cyber security as the emirate seeks to increase pumping capacity from 2.8 million barrels per day (bpd) to 3.5 million bpd by 2018.
In the same period, Saudi Arabia is expected to double spending on homeland security from US$7.8 billion (Dh28.65bn) to $15.4bn, including the creation of a 35,000-strong protection force for the oil industry, said the US consultancy Homeland Security Research.
Foreign companies are moving in to provide defence for existing oil installations as well as new projects, such as Abu Dhabi's $20bn nuclear plant, where construction kicked off last week.
"Frankly speaking, we are not any more today in the era where some young teenagers playing with their computers can attack," said Guy Meguer, the head of Middle East for Cassidian Cyber Security, part of the European defence conglomerate EADS.
"We are far beyond this. We are today working against organised crime. We are talking about some cases of crimes being organised by some countries."
Businesses as specialised as the Australian fibreoptics firms and Cassidian Cyber Security, until recently a team of 10 people serving EADS internally, are among those moving into the region.
The expected increase in cyber security spending comes from companies modernising old systems, projected investments in sensitive technologies such as nuclear and a growing awareness of attacks in the region. This year Iran reported that a virus, dubbed "Viper," had temporarily handicapped control systems at the oil export hub of Kharg Island. Two years earlier the Stuxnet worm infected 30,000 Iranian IP addresses in an attack on nuclear facilities.
Cyber security boffins also cite a 1982 Soviet gas pipeline accident, one of the biggest non-nuclear explosions ever, which a former US air force secretary later attributed to the work of CIA programmers.
In a worst-case scenario, a hacker might attack a chemical plant, handicapping its output and releasing harmful material, said Mr Meguer. Cassidian, which works with Saudi Aramco and the UAE's Critical National Infrastructure Authority, is targeting business protecting the UAE's nuclear site 300km west of the capital.
"You can't imagine that because the nuclear plant is isolated it will not be attacked," said Mr Meguer. "It can be attacked because we are working in a digital world."