Petronas Crowdstrike: The Malaysia-Based Energy Giant’s Cybersecurity Incidents

As one of the world’s largest and most respected energy companies, Petronas plays a critical role in meeting the world’s growing energy demands. With a presence in over 60 countries and a diverse portfolio of energy production, processing, and marketing operations, Petronas is a leader in the energy sector. However, despite its many successes, Petronas has been affected by a series of cybersecurity incidents, highlighting the importance of robust cybersecurity measures in today’s digital age.

Background

Petronas, short for Petroliam Nasional Berhad, is a Malaysian public-listed energy company founded in 1974. The company is 64.14% owned by the Government of Malaysia, with the remaining shares listed on the Bursa Malaysia. Petronas is involved in a wide range of energy-related activities, including upstream and downstream operations, renewable energy, and petrochemicals.

Cybersecurity Incidents

In recent years, Petronas has been affected by several significant cybersecurity incidents. In 2019, the company reported a ransomware attack on its IT systems, which resulted in the disruption of business operations and the theft of sensitive data. The attack was attributed to a group of rogue cybercriminals who demanded a ransom in exchange for returning the stolen data.

In 2020, Petronas suffered a major data breach, which exposed sensitive information about its employees, contractors, and customers. The breach was attributed to a compromised username and password combination, which granted unauthorized access to the affected systems.

More recently, in 2022, Petronas reported a cybersecurity incident involving a phishing attack, which compromised the email accounts of several employees. The attack was carried out by a sophisticated phishing campaign, which bypassed the company’s security measures and allowed attackers to access sensitive information.

Crowdstrike Role

In the wake of these cybersecurity incidents, Petronas has enlisted the help of Crowdstrike, a leading cybersecurity firm specializing in incident response, threat intelligence, and managed security services. Crowdstrike is a US-based company co-founded by George Kurtz, a renowned cybersecurity expert.

Crowdstrike’s role in Petronas’ cybersecurity incidents has been to investigate and respond to the attacks, identify the perpetrators, and provide recommendations for improving the company’s cybersecurity posture. The firm’s expertise in threat intelligence and incident response has been invaluable in helping Petronas contain and mitigate the impact of these attacks.

Lessons Learned

The recent cybersecurity incidents affecting Petronas serve as a stark reminder of the importance of robust cybersecurity measures in today’s digital age. The company’s experience highlights the following key lessons:

1. Cybersecurity is a shared responsibility: The Petronas incidents demonstrate that cybersecurity is not just a technical issue, but also a business imperative that requires collaboration across departments and stakeholders.
2. Threats evolve rapidly: The increasing sophistication of cybercriminals and nation-state actors demands continuous awareness and adaptability to stay ahead of emerging threats.
3. Incident response is crucial: Having an effective incident response plan in place is essential for containing and mitigating the impact of cybersecurity incidents.
4. Investment in cybersecurity is essential: Petronas’ experience reinforces the importance of investing in cybersecurity measures, including threat intelligence, incident response, and managed security services.

Conclusion

Petronas Crowdstrike is a cautionary tale about the importance of cybersecurity in today’s digital age. Despite its many successes, Petronas has faced several significant cybersecurity incidents, highlighting the need for robust cybersecurity measures, incident response, and continuous investment in cybersecurity. As the energy sector continues to evolve, it is essential that companies like Petronas prioritize cybersecurity to protect sensitive data, ensure business continuity, and maintain stakeholder trust.