Every week seems to bring some new news on computer hackers or other cybersecurity breeches. This week it was the revelation from the IRS that criminals may have accessed tax records for more than 300,000 people. Last week it was word that hackers were able to break into the computer system of a moving Tesla electric car.
BSEE and the Coast Guard are trying to raise awareness that offshore computer systems are not immune to computer flaws. Earlier this month, BSEE official Rachael Lipinski posted on the agency’s blog that officials are concerned about vulnerabilities in operator and service company IT systems:
In one instance, a drilling rig was overwhelmed by malicious computer software. The malware spread throughout the rig’s computers controlling its safety equipment and the rig was shut down for almost three weeks while technicians worked to clear the malware.
This echos comments by both BSEE Director Salerno and USCG Admiral Thomas at the Offshore Technology Conference where they talked about the vulnerability of sophisticated systems. One of the point they made is that security from outside hackers is a real concern but not the only concern. The reliability and compatibility of technology used offshore is a genuine safety issue.
The real surprise here may be that we haven’t had more serious incidents offshore. We have seen examples of flaws in Dynamic Positioning equipment. Industry is trying to address some offshore safety issues through a heavier reliance on automation and improved technology. This is an issue that companies need to start incorporating into their SEMS programs. A quick read of the regulations on Mechanical Integrity makes it clear that MI isn’t limited to valves, pressure vessels and “physical” equipment. Does your MI program address potential vulnerabilities in IT systems and computer software?