Positive Technologies, in collaboration with Tetrasoft, has successfully thwarted a targeted cyberattack aimed at remotely monitoring hydrocarbon production. The attackers infiltrated the Tetrasoft infrastructure in July 2024, with active actions commencing in late September to early October. The attack utilized a range of utilities, such as remote access control and control of remote servers.
Experts have classified this incident as a supply chain attack, where the company acts as an intermediary to gain access to a larger target. Positive Technologies reported that in 2022, a similar scenario was identified in 20% of all cases investigated.
If successful, the attack could have caused significant disruptions in the supply of hydrocarbon resources both domestically and in international contracts. Thanks to swift action by experts, adverse effects on Tetrasoft’s customers were averted.
In response, the teams from Positive Technologies and Tetrasoft Information Security Center are working to identify the initial attack vector and address any additional vulnerabilities. Tetrasoft promptly established a Cybersecurity Operations Center (SOC) using Positive Technologies technology, including the new PT NGFW (Next-Generation Firewall).
The financial impact of the attack was substantial, with direct losses from downtime exceeding 65 million rubles and costs for restoring internal services surpassing 25 million rubles. The company anticipates these figures may rise.
Following their collaborative efforts, the companies are developing an industry-specific cybersecurity solution for the mining sector aimed at protecting against ongoing hacker threats. Simultaneously, they are working on national data management standards and secure development practices.
Tetrasoft specializes in offering remote drilling monitoring services, which encompass software provision, equipment supply and configuration, satellite communication, and video surveillance.