
25 June 2026
Cybersecurity in the Oil & Gas sector does not protect data: it protects critical infrastructure
Digital transformation has radically changed the way the oil and gas industry operates. Industrial automation, remote monitoring, IoT sensors, satellite communications, real-time supervisory systems, and the integration of IT and OT environments have enabled organisations to increase efficiency, optimise operations, and reduce operating costs.
However, this evolution has also significantly expanded the attack surface of infrastructures whose disruption could affect not only business operations, but also the energy supply of entire countries.
In this context, protecting SCADA systems in the oil and gas sector has become a strategic priority for operators, energy companies, and regulatory authorities. Protecting the corporate network is no longer enough. Organisations must also protect the systems that control valves, pumping stations, pipelines, gas pipelines, refineries, and extraction platforms.
When an attacker compromises a SCADA system, the risk is no longer purely digital. It becomes an operational, economic, environmental, and even human risk.
What is a SCADA system and why is it so critical in the oil & gas sector?
SCADA (Supervisory Control and Data Acquisition) systems form the operational core of the Oil & Gas industry. They are responsible for monitoring and controlling, in real time, thousands of variables distributed across facilities that may extend for hundreds or even thousands of kilometres, including pressure, temperature, flow rates, storage levels, pumping speed, and valve positions.
Traditionally, these systems remained isolated from the Internet. Industry 4.0 has eliminated that isolation, and today it is common to find remote maintenance access, integration with cloud platforms, monitoring from corporate control centres, continuous interaction with ERP systems, and maintenance activities performed by equipment manufacturers and third-party service providers.
This connectivity provides enormous operational benefits, but it also multiplies cyber risks.
IT/OT convergence has changed the rules of industrial cybersecurity
For decades, IT and OT existed as two separate worlds. IT departments protected servers, workstations, and corporate applications, while OT engineers managed PLCs, RTUs, HMIs, and SCADA systems under an operating model focused primarily on availability and operational continuity.
Digital transformation has brought these environments together. Today, an IT incident can directly affect the operation of an industrial facility, and this convergence has removed the traditional isolation that once protected many systems, forcing organisations to rethink their cybersecurity strategies.
Industrial cybersecurity is no longer limited to preventing external access. It must ensure that no user, whether internal or external, can alter physical processes without authorisation, regardless of where they are located.
Real-world incidents: when a SCADA attack impacts the physical world
The threat is no longer theoretical. Over the past decade, several incidents have demonstrated the enormous impact that cyberattacks can have on critical energy infrastructure.
Colonial Pipeline: a compromised credential brings fuel distribution to a standstill. In May 2021, Colonial Pipeline suffered one of the most significant cyber incidents ever recorded against energy infrastructure. Although the ransomware initially affected IT systems, the company decided to proactively shut down operations on the largest fuel pipeline on the U.S. East Coast. The result was a temporary interruption of fuel supply, widespread panic buying, and severe economic disruption. The investigation conducted by the U.S. Department of Homeland Security confirmed that the initial compromise occurred through a compromised VPN account that was not protected by multi-factor authentication. Source: US Energy Agency
New regulations for U.S. Pipelines. Following the Colonial Pipeline incident, the Transportation Security Administration (TSA) issued mandatory cybersecurity directives for operators of critical oil and gas pipelines, strengthening requirements related to monitoring, network segmentation, and access management. Source: MITRE ATT&CK
TRITON: when the target is the industrial safety system. One of the most sophisticated cyberattacks ever documented was TRITON (also known as TRISIS). The attackers compromised the Safety Instrumented System (SIS) of a petrochemical plant with the objective of disabling the physical safety mechanisms designed to prevent industrial accidents. The incident was jointly analysed by CISA, the FBI, the NSA, and the U.S. Department of Energy. Source: CISA
TRITON permanently changed the perception of OT cybersecurity. The attackers’ objective was no longer simply to halt production, but to manipulate systems specifically designed to protect human lives.
The greatest risk is no longer vulnerabilities: it is identities and credentials
For years, protecting SCADA systems relied primarily on network segmentation, industrial firewalls, and physical isolation. These measures remain essential, but they are no longer sufficient.
Most interventions on critical infrastructure require legitimate access by maintenance engineers, equipment manufacturers, subcontractors, remote operators, and system administrators. Every one of these identities represents a potential entry point.
The problem is compounded by a reality that is often overlooked but widespread across OT environments: many SCADA systems, PLCs, and engineering workstations continue to operate with weak passwords, default credentials, shared accounts, or even without authentication at all. They also coexist with legacy equipment that was never designed to integrate into modern identity architectures. These systems, often impossible to replace due to operational constraints or cost, cannot realistically be upgraded in the short term, but they can be protected at the point of access.
If an attacker compromises privileged credentials, or simply attempts a default password on a legacy device, they can gain access using entirely legitimate mechanisms. For this reason, the true security perimeter is no longer the network: it is identity.
Secure remote access: the greatest challenge in the Oil & Gas sector
Operating geographically distributed energy infrastructure requires remote maintenance on an almost daily basis. However, traditional architectures still rely on permanent VPN connections or direct access to the industrial network, creating significant limitations: limited traceability, excessive privileges, lateral movement opportunities, credential reuse, and minimal visibility into third-party activity.
Modern architectures replace this model with environments in which access is granted only for the time strictly required and always under continuous supervision. The principle is straightforward: the external provider never connects directly to the industrial system. Instead, they connect to a controlled session.
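An added example, not part of the original article and not code from any Cosmikal product: a minimal Python audit of remote-access session records against the model described above (brokered session, MFA, named identity, time-bound grant). The record fields, host names, accounts and timestamps are constructed assumptions.

```python
from datetime import datetime

def t(hour, minute=0):
    """Timestamp on the constructed sample day."""
    return datetime(2026, 3, 2, hour, minute)

# Constructed sample data, not from the article; every name is hypothetical.
BROKER_HOSTS = {"jump-01"}            # gateways that host controlled sessions
SHARED_ACCOUNTS = {"maint", "admin"}  # known shared or default logins
GRANTS = {                            # (identity, asset) -> approved window
    ("vendor-eng-07", "plc-pump-12"): (t(8), t(10)),
    ("ot-admin-02", "scada-srv-01"): (t(9), t(9, 30)),
}
SESSIONS = [
    {"id": "s1", "identity": "vendor-eng-07", "asset": "plc-pump-12",
     "via": "jump-01", "mfa": True, "start": t(8, 5), "end": t(9, 40)},
    {"id": "s2", "identity": "maint", "asset": "plc-pump-12",
     "via": "vpn-gw", "mfa": False, "start": t(1), "end": None},
    {"id": "s3", "identity": "ot-admin-02", "asset": "scada-srv-01",
     "via": "jump-01", "mfa": True, "start": t(9, 5), "end": t(11, 15)},
]

def audit_session(s, now):
    """Return the list of policy findings for one session record."""
    findings = []
    if not s["mfa"]:
        findings.append("no_mfa")
    if s["via"] not in BROKER_HOSTS:
        findings.append("direct_ot_access")   # bypassed the controlled session
    if s["identity"] in SHARED_ACCOUNTS:
        findings.append("shared_account")     # action not attributable to a person
    window = GRANTS.get((s["identity"], s["asset"]))
    end = s["end"] or now                     # a session still open runs until now
    if window is None:
        findings.append("no_grant")           # standing access, nothing approved
    elif s["start"] < window[0] or end > window[1]:
        findings.append("outside_window")
    return findings

def audit(sessions, now):
    """Map session id -> findings, listing only sessions that violate policy."""
    report = {}
    for s in sessions:
        findings = audit_session(s, now)
        if findings:
            report[s["id"]] = findings
    return report

if __name__ == "__main__":
    for sid, findings in audit(SESSIONS, now=t(12)).items():
        print(sid, ", ".join(findings))
```

Passing `now` explicitly lets the same check run over historical exports and over sessions that are still open.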
IEC 62443 and NIS2: regulation is driving a new security architecture
Protecting critical infrastructure is no longer simply a matter of following best practices. International regulations and standards now require increasingly stringent security controls.
- IEC 62443, the international reference standard for industrial control system security.
- The NIS2 Directive, requiring essential operators to implement advanced risk management and access control measures.
- The NIST Cybersecurity Framework, widely adopted across critical infrastructure sectors.
- ISA/IEC 62443 Zones & Conduits, designed to ensure secure segmentation of OT environments.
These frameworks all converge on the same fundamental principle: protecting access is just as important as protecting the infrastructure itself.
Identity as the core of industrial security
The natural evolution of industrial cybersecurity lies in integrating specialised identity security solutions. IAM determines who is allowed to access systems; IGA ensures that permissions remain accurate and aligned with organisational policies; PAM protects privileged accounts and administrative credentials; and ITDR detects anomalous behaviour even when legitimate credentials are being used.
Together, these disciplines make it possible to build an architecture in which every access request can be verified, every session is fully recorded, and every privilege is limited to the minimum level required.
Cosmikal: secure access control for SCADA systems, including the most vulnerable ones
In industries such as oil and gas, where operational continuity is mission-critical, controlling access is just as important as protecting the infrastructure itself. Cosmikal addresses this challenge through two complementary solutions: Endurance and Ranger.
Endurance, certified by CCN-CERT (CPSTIC, PAM and VDI taxonomy) and validated by NATO (NIAPC catalog), creates a Remote Secure Workspace (RSW) that integrates PAM, VDI, IAM, and DLP within a single secure environment.
Instead of connecting directly to the SCADA server, PLC, or engineering workstation, users work from an isolated, fully audited secure workspace in which only keyboard, mouse, video, and audio events are transmitted. Neither the endpoint nor the network from which the engineer connects ever comes into direct contact with the industrial system. This is particularly important when the target system cannot adequately protect itself, for example, systems with weak or non-existent passwords, shared credentials among multiple technicians, or legacy platforms that cannot support updates or modern authentication mechanisms. In these situations, Endurance moves the security boundary to the access point itself, regardless of how robust, or vulnerable, the internal configuration of the asset may be.
Ranger, in turn, secures the opposite end of the connection: the physical workstation from which engineers and operators access systems every day in control rooms, operations centres, and field facilities. It replaces traditional PCs with diskless, stateless thin clients that boot and run every session within a non-persistent environment, centrally managed through Ranger Manager and restored to a clean image at every startup. The result is an endpoint that is virtually impossible to compromise: there is no exposed operating system, no local storage that can be infected, and no local dependencies that an attacker can exploit to move laterally towards the SCADA environment. When used together with Endurance, Ranger also secures the local endpoint of the session, ensuring that a compromised device, a common vector for phishing attacks, malware, or configuration errors, is completely isolated and unable to reach industrial assets.
This combination provides key advantages for Oil & Gas environments:
- Eliminates the direct exposure of critical systems, including legacy equipment that lacks built-in authentication capabilities.
- Records every session, facilitating audits, compliance reviews, and forensic investigations.
- Restricts lateral movement throughout the industrial network, both from the remote endpoint and from the local workstation.
- Protects access for third-party suppliers and maintenance engineers through temporary, supervised sessions with no local data storage.
- Significantly reduces the physical attack surface in control rooms and operations centres through the use of Ranger thin clients.
- Simplifies compliance with standards such as IEC 62443, NIS2, and the Spanish National Security Framework (ENS).
Security no longer depends solely on the robustness of each individual system. Instead, it is based on identity, context, and continuous session control, both for remote access and for physical workstations.
Conclusion: protecting a SCADA system means protecting energy continuity
Digital transformation has made oil and gas infrastructures more efficient, but also more exposed. The Colonial Pipeline and TRITON incidents demonstrate that a cybersecurity breach can have consequences far beyond the technological domain, directly affecting energy supply, public safety, and the environment.
Protecting SCADA systems in the oil and gas sector requires a comprehensive approach that combines network segmentation, continuous monitoring, identity and privileged access management, ongoing supervision, and architectures specifically designed for OT environments, architectures capable of securing both remote access and physical workstations, including legacy systems and those with limited built-in security.
In an environment where industrial systems control mission-critical physical processes, cybersecurity is no longer simply about preventing attacks. It is about ensuring that every access request is justified, every action is traceable, and every intervention can be performed without compromising operational continuity.
Because when critical energy infrastructure stops operating, the impact is measured not only in lost data, but in society’s ability to keep essential services running.
Frequently asked questions
What is a SCADA system, and why is it such an attractive target for attackers?
A SCADA system monitors and controls critical physical processes in real time, including pressure, flow rates, valves, and pumping stations, across oil and gas facilities. It is an attractive target because a successful compromise affects much more than data: it can manipulate real industrial processes, causing operational disruption, financial losses, and physical safety risks.
Why are network segmentation and industrial firewalls no longer sufficient?
Because most access to SCADA systems is legitimate—carried out by engineers, equipment manufacturers, and external service providers using valid credentials—traditional network segmentation is not sufficient on its own. If those credentials are compromised, or if devices rely on weak, default, or non-existent passwords, attackers can still gain access despite network barriers. The real security perimeter is identity, not just the network.
How does Endurance protect a SCADA system that uses weak passwords or has no authentication?
Endurance moves the security boundary to the access point. Users never connect directly to the PLC, SCADA server, or engineering workstation. Instead, they operate through a Remote Secure Workspace, where only keyboard, mouse, video, and audio events are transmitted. This approach protects industrial assets even when their internal security configuration is weak or when they cannot support modern authentication mechanisms, as is often the case with legacy equipment.
What is the difference between Endurance and Ranger?
Endurance secures remote access to critical assets through its Remote Secure Workspace (RSW) architecture. Ranger protects the physical workstation by using diskless thin clients operating in non-persistent Local Secure Workspaces (LSW), specifically designed for control rooms, operations centres, and industrial environments where remote working is not practical. The two solutions can be deployed together to secure both the remote endpoint and the local endpoint.
Do these solutions help organisations comply with IEC 62443 and NIS2?
Yes. By isolating user sessions, recording every access, and limiting privileges to the minimum necessary, Endurance and Ranger facilitate compliance with IEC 62443, the NIS2 Directive, and the Spanish National Security Framework (ENS), particularly regarding access control, auditability, traceability, and identity management.
Is it necessary to replace legacy SCADA systems to secure them?
No. Replacing legacy equipment is often operationally impractical or financially prohibitive. Cosmikal’s approach does not rely on modifying the industrial system itself. Instead, it secures the access to the system, allowing organisations to protect legacy assets without altering their operation or jeopardising business continuity.




