June 27 (UPI) -- Russian oil company Rosneft said Tuesday its systems were the target of a cybersecurity attack, just as industry analysis finds sector vulnerabilities.
In a statement posted on its official Twitter account, Rosneft said its server was the target of a "powerful hacker," adding it was wary of a possible connection to a legal proceeding involving the company.
According to Russian news agency Tass, a Russian court froze the assets of holding company Sistema in a case filed by Rosneft and oil company Bashneft. The oil companies are trying to recover about $2.9 billion in losses as a result of reorganization that followed Sistema's end of control over Bashneft in 2014, the report read.
Cyberattacks are on the rise, with U.S. and British government agencies the more recent targets.
A report published Monday by accounting firm Deloitte said oil and gas companies in general show a "limited strategic appreciation" for cyber-related threat issues.
Deloitte said the oil and gas industry last year was the second-most prone to attacks, with about 75 percent of the companies in the United States getting hit at least once. Only a handful, however, said cybersecurity presented a major risk.
"Whether hackers use spyware targeting bidding data of fields, malware infecting production control systems, or denial of service that blocks the flow of information through control systems, they are becoming increasingly sophisticated and, specifically alarming, launching coordinated attacks on the industry," the report read.
The industry's certification body DNV GL estimates cybercrimes costs the energy and utilities sector about $12.8 million each year in lost business and equipment damage.
So far, eight companies from Shell to Norwegian major Statoil have teamed up to form an industry partnership to address the emerging threat.
With crude oil prices putting a squeeze on corporate spending, Ernst & Young said last year that oil and gas companies have little leeway on where they put their financial focus. Their report said this means cybersecurity may be lower on the priority than operations that would have more apparent value for shareholders.