The past two weeks have witnessed a series of cyber attacks against several national oil outlets. The oil industry in Angola, Kenya, and Mexico have all been targeted by website defacements in these past few weeks. The names of OpAngola, OpGreenRights, and OpPemex were attached to each, respectively. A timeline view using Recorded Future’s analysis tool provides a keen visualization of these attacks in relation to one another.
By the same token, the data underlying the above visualization provides additional insight into these three separate attacks. And that’s exactly what they are – three distinct hits that, while targeting actors in the same industry, are different in their objectives.
OpAngola, for example, went after the government of Angola, the third largest oil producer in Africa. AnonGhost led the defacement of some seventy government websites, including the Ministry of Oil’s, on December 4. The operation was launched after claims were made that the Angolan government was set to make Islam illegal in the country. Such claims were false.
AnonGhost was also behind the defacement of the website belonging to the National Oil Corporation of Kenya on December 10. The motivation here is less straightforward than in the case of OpAngola, yet the use of the hashtag #OpGreenRights with the attack is a clear association with the larger OpGreenRights campaign initiated by Anonymous.
This cyber campaign was launched after the taking of the so-called “Arctic 30” by Russian security forces on September 18. In a video release, Anonymous stated that OpGreenRights was “designed to target high-level communication assets of the Russian Federation worldwide.” While going after the national oil company of Kenya is a far cry form a “high-level communication asset” of Russia, the OpGreenRights moniker can of course be applied across different targets. The clear connection with oil is close enough.
In addition, Anonymous was behind the most recent cyber attack targeting an oil actor:OpPemex. The attack took down the websites of both the Mexican Senate and the Chamber of Deputies on December 12 in protest over a soon-to-be passed bill that leads to greater privatization of the state oil company, Pemex. The bill has passed the Senate and is slated to pass the Chamber of Deputies in the days ahead.
As the above data highlights, the targeting of actors in the same industry in this string of cyber attacks is not indicative of a larger industry-wide threat. The rationale behind each attack is not related in the same way that those oil-producing countries targeted byOpPetrol were supposed to be in June of this year.