Specialists Martijn and Dennis | KPMG | NL
Share with your friends

Hacking into offshore rigs

Specialists Martijn and Dennis

Specialists Martijn and Dennis are flown in regularly to detect vulnerabilities and close leaks in security.

Specialists Martijn and Dennis

Cyber security on offshore rigs is a hot issue. Malware, careless handling and targeted attacks can seriously endanger industrial processes and the safety of personnel. Specialists Martijn Sprengers and Dennis Waalewijn are regularly flown in to identify vulnerabilities and to close security leaks.

Thorough inspection
As a professional hacker, we break into offshore rigs. Digitally of course. Our work often takes us abroad to places like Indonesia or Thailand. We use a helicopter to fly to the rig in question. Especially for this purpose we completed the BOSIET-HUET training (helicopter under water escape training) to be able to work on offshore installations.

We always start an engagement with a thorough inspection to obtain an inventory of the systems. Which IT components are available? For which industrial process are the IT systems used? We identify possible weaknesses based on interviews, physical inspections and configuration reviews with the operators and engineers, as well as the data from the systems and the network.. One of us stays ashore at the head office, with all the drawings and talks with the other one on the offshore rig, who goes through the systems so that he can check all the routers, switches and cables on location.

Attention for safety
We each have our specialism. One is better at cracking passwords. The other in understanding protocols. By testing the systems, we make cyber security risks transparent and by means of a so-called 'threat vector diagram' we show the vulnerabilities. We take all the time that is required to explain our findings to the people we work with. We do this to create as much attention as possible to safety. Cyber security is of vital importance on an offshore rig. If such a rig is hacked, it can cost lives. Think, for example, of terrorists who may be able to hack into a system to increase the pressure of certain pumps in such a way that everything explodes.

A real kick!
Our work for KPMG really has a social significance. You are constantly at the front line to keep companies secure. Every time we do this, it makes the world a little safer. As a user, you might not notice much of that. But behind the scenes, companies are constantly working to ensure that you don't run any risks and that your data, assets or even life are protected. Of course, it always gives a kick if you have hacked a company successfully. On the one hand because you have solved the puzzle and are 'inside'. On the other hand, it is very valuable that you have found a security breach. "I sometimes feel just like James Bond''.

Find our job vacancies at the job platform or contact the HR Recruitment team for more information about your career opportunities at KPMG (recruitment@kpmg.nl).