Maritime Computer Emergency Response Team ADMIRAL dataset ADMIRAL dataset

Publicly disclosed information for this event

Index Number:
A former employee attacks offshore platforms.
Day Month Year Country Activity Incident Type
1 May 2008 United States Offshore Intrusion


The victim, a leading drilling firm, relies on sophisticated computer systems which are essential for offshore operations, including remote telemetry and leak detection.

According to sources, after the termination of his contract in May 2008, a former IT consultant with the company allegedly accessed its communication system without authorization. This system, which the consultant had previously set up, ensured communication between the company's onshore offices and offshore oil platforms. The unauthorized intrusion had an important impact on integrity and availability, causing significant financial losses.

Though the company temporarily lost control of its telemetry systems, there were no consequent oil leaks or environmental hazards. The investigations identified evidence pointing to the consultant's involvement. If found guilty, he could be charged with potential penalties reaching up to ten years in prison.


Pacific Energy Resources

Claimed/Reported Threat Actor




Main impact



Recommendations to Offshore to reduce Intrusion risks:

  • Implement strong access controls and authentication mechanisms to limit unauthorized access, such as Multi Factor Authentication.
  • Regularly update and patch software and systems to address known vulnerabilities.
  • Use Network Intrusion Detection Systems (NIDS) to monitor and block suspicious activities.
  • Segment your network to limit lateral movement by attackers in case of a breach.
  • Educate your employees about phishing attacks and social engineering tactics to prevent credential theft.
Previous Next
Disclaimer: the data are provided as is. France Cyber Maritime and the M-CERT take no responsibility for the soundness, quality, precision, nor the eventual attribution made by the referenced URLs. We give a lot of respect and support to the victims of attacks.
Files generated on Monday, 11th December 2023.
ADMIRAL is licensed under the Creative Commons CC-BY-NC license. Copyright © France Cyber Maritime 2023.