A major Canadian energy producer and owner of the Petro-Can gas station network has acknowledged suffering an undefined cyber attack.
In a brief news release late Sunday, Suncor Engery said it “has experienced a cyber security incident. The company is taking measures and working with third-party experts to investigate and resolve the situation, and has notified appropriate authorities.
“At this time, we are not aware of any evidence that customer, supplier or employee data has been compromised or misused as a result of this situation.”
In a report issued this morning, Vancouver-based cybersecurity firm Plurilock said the announcement came after reports Friday that staff were unable to login to their accounts. In addition, Petro-Can was also unable to accept electronic payments.
UPDATE: In an interview, Leighan Slade, a Suncor spokesperson, said the company isn’t saying anything more now beyond the Sunday night statement.
UPDATE: A Toronto Petro-Can station told IT World Canada that the ability to take credit and debit cards was restored Wednesday, six days after the attack.
Governments worry about the potential impact of successful cyber attacks on the energy sector, which could shut down a nation’s economy. The 2021 ransomware attack on Colonial Pipeline in the U.S., for example, sparked huge lineups for gasoline.
As a result of that attack, a number of energy producers — including Calgary-based Suncor vowed to improve their cybersecurity resiliency at the annual gathering of the World Economic Forum (WEF).
The attack on Suncor also comes after a cyber attack in April on an unnamed Canadian energy company. In that incident stolen documents from the U.S. Pentagon quoted a pro-Russian group called Zarya claiming it compromised the operational technology side of a pipeline company. Prime Minister Justin Trudeau later admitted something had happened. “I can confirm in regards to reports of cyber attacks against Canadian energy infrastructure that there was no physical damage to any energy infrastructure following cyber attacks,” he told reporters.
The energy sector and their respective distribution networks have for years been recognized by the Canadian government as part of the country’s critical infrastructure. Last week the government’s Canadian Centre for Cyber Security issued the latest in a series of reports on the threat to the sector.
“We assess that financially motivated cybercrime, particularly business email compromise and ransomware, is almost certainly the main cyber threat facing the Canadian oil and gas sector,” it says. “Ransomware is almost certainly the primary cyber threat to the reliable supply of oil and gas to Canadians.
The oil and gas sector in Canada will “very likely continue to be targeted by state-sponsored cyber espionage for commercial or economic reasons,” it adds. “At risk are proprietary trade secrets, research, and business and production plans.”
But it also says it is “very unlikely that a state-sponsored cyber actor would intentionally disrupt or damage the oil and gas infrastructure in Canada outside of hostilities.”
“The Cyber Centre is aware of efforts by Russian state-sponsored threat actors to compromise and establish persistence (i.e. pre-positioning) on the networks of Canadian and U.S. critical infrastructure providers, including organizations in the oil and gas sector.”
Suncor, with gross revenues of $62 billion, runs oil sands production facilities in Alberta, offshore oil and gas production, petroleum refining in Canada and the U.S., and the Petro-Canada retail and wholesale distribution networks.