Why the Chemical and Petrochemical Industry Faces Heightened Cyber Security Risks

The UK chemical and petrochemical industry is increasingly vulnerable to cyber breaches due to a combination of factors, including the sector’s reliance on outdated operational technology (OT), the growing threat of intellectual property theft, and the heightened risk of business interruption attacks. As the industry continues to digitise and integrate more interconnected systems, the potential for cyber-attacks has grown significantly. This blog article will explore the reasons behind the heightened cyber security risks in the UK chemical and petrochemical sector and discuss the implications of these threats.

Outdated Operational Technology and Increased Connectivity

A significant concern for the UK chemical sector is the widespread use of ageing OT systems. According to UK research, over two-thirds of UK chemical organisations rely on OT systems that are between 6-20 years old, with nearly a third being between 11-20 years old. This legacy infrastructure is becoming increasingly connected, with 74% of organisations confirming that their OT/ICS environments are accessible from corporate networks. This increased connectivity expands the attack surface, making it easier for hackers to exploit vulnerabilities. The interconnectivity between IT and OT systems allows hackers to move laterally from IT networks into OT environments, potentially causing operational disruptions. The use of smart sensors and other interconnected IT and OT systems, while beneficial for optimising processes, also exposes vulnerable OT assets that were not designed with security in mind.

Moreover, the trend towards digital transformation and the adoption of technologies like the Industrial Internet of Things (IIoT) and Industrial Edge has brought new challenges, including vulnerability to attacks and hacking. The integration of physical infrastructures with digital networks, while offering benefits such as remote access and visualisation, also introduces risks if not properly secured. The chemical industry’s low tolerance for downtime makes it particularly susceptible to ransomware attacks, which can halt production and lead to costly operational disruptions. This perception that chemical companies are likely to pay ransoms to avoid costly operational disruptions increases the likelihood that they will be targeted with such attacks.

Misplaced Confidence in Cyber Security and Regulatory Challenges

Despite the high risk, there is a degree of misplaced confidence in cyber security within the sector. Research shows that 82% of chemical organisations believe their OT systems are protected, yet 85% have experienced at least one successful attack in the past year. This disconnect between perceived security and actual vulnerability highlights the need for more robust cyber security measures. Furthermore, the sector faces challenges in complying with regulations such as the NIS Directive. Less than two-thirds of organisations align their physical and cyber security strategies, and nearly a quarter do not fully understand the NIS requirements. The UK’s critical national infrastructure (CNI) industry, including the chemical sector, is expected to face a significant cyber security skills shortage in the next few years, further exacerbating these challenges.

The UK Government has recognised these vulnerabilities and is taking steps to address them. Recently, the Department for Business and Trade signed a £200,000 contract with PA Consulting to review the cyber practices of chemical facilities and identify vulnerabilities. This initiative aims to develop a framework and guidance for the sector to enable operators to complete their own supply-chain mapping and address risks. Such efforts underscore the importance of collaborative action between industry stakeholders and government to strengthen defences against evolving cyber threats.

Intellectual Property Theft and Financial Motivation

Chemical companies are significant targets for intellectual property (IP) theft. In 2021, they were the fourth biggest victims of IP theft by value in the UK, just behind software and computer service providers. The financial motivation behind these attacks is substantial, with ransomware and IP theft being major threats. The sector’s significant investments in research and development make it particularly attractive to hackers seeking valuable IP. Specialty chemicals producers, who make material investments in R&D, are especially vulnerable to IP theft due to the high value of their intellectual assets.

The cost of cyber-attacks is expected to rise globally to $10.5 trillion by 2025, making the chemical manufacturing industry increasingly vulnerable. Recent incidents, such as the ransomware attack on Brenntag, a chemical distribution company, which paid a $4.4 million ransom to the ransomware group called Darkside, highlight the financial impact of these breaches. The external attack surface for top chemical manufacturers is substantial, with thousands of internet-exposed web applications and domains, many of which contain vulnerabilities that can be exploited by threat actors.

Operational Risks and Public Safety Concerns

The chemical industry’s reliance on complex and interconnected systems not only poses financial risks but also significant operational and public safety concerns. Cyber-attacks may not simply expose information or affect production but can also corrupt or influence computer systems, potentially pushing equipment out of safety limits and causing physical damage to equipment or even loss of life. The inherent danger in handling hazardous materials in chemical plants amplifies these risks, making robust cyber security measures essential to protect both personnel and the public.

The success of any cyber security measures lies in a proper assessment of the specific requirements of each chemical plant embracing digitalisation. A defence-in-depth approach to cyber security, involving comprehensive solutions rather than ad hoc measures, is crucial for combating cyber-attacks effectively. This includes regular security audits, penetration testing, and red, blue, or purple team exercises, which are currently underutilised in the sector. Addressing these operational risks requires a concerted effort from industry leaders, regulatory bodies, and government agencies to ensure that cyber security practices are aligned with the evolving threat landscape.

Conclusion

The UK chemical and petrochemical industry is at a heightened risk of cyber breaches due to outdated infrastructure, misplaced confidence in security measures, and the financial motivations of hackers. The sector’s low tolerance for downtime and significant investments in R&D make it an attractive target for ransomware and IP theft. To mitigate these risks, organisations must invest in robust cyber security practices, align physical and cyber strategies, and address the impending skills shortage. Collaboration between industry stakeholders and government initiatives is crucial to strengthen defences against evolving cyber threats. As the industry continues to digitise, it is imperative that these challenges are addressed proactively to protect both the sector’s economic viability and public safety.

If you would like to discuss any of the topics covered in the above article please get in touch with our experienced team – info@somniacsecurity.com

Sources:

https://www.spglobal.com/ratings/en/research/articles/221031-chemical-companies-face-increasing-cyber-risk-on-the-road-to-digitization-12517764
https://www.bridewell.com/insights/news/detail/chemical-sector-under-pressure-from-cyber-attacks-despite-high-confidence-in-security
https://www.chemicalindustryjournal.co.uk/chemical-manufacturers-must-take-application-security-more-seriously
https://otifyd.com/industries/chemical/
https://www.publictechnology.net/2025/03/06/defence-and-security/dbt-signs-200k-deal-to-review-cyber-practices-and-identify-vulnerabilities-of-uk-chemical-infrastructure/
https://www.chemicalindustryjournal.co.uk/cyber-security-management-in-the-chemical-processing-industry
https://www.chemicalindustryjournal.co.uk/cyber-security-should-not-be-ignored-in-the-chemical-industry
https://konbriefing.com/en-topics/cyber-attacks.html
https://www.gov.uk/government/consultations/ransomware-proposals-to-increase-incident-reporting-and-reduce-payments-to-criminals/ransomware-legislative-proposals-reducing-payments-to-cyber-criminals-and-increasing-incident-reporting-accessible
https://www.themanufacturer.com/articles/uk-security-industry-records-almost-250-export-increase-over-last-decade/
https://www.chemicalindustryjournal.co.uk/chemical-processing-industry-responds-to-increasing-cyber-security-threat
https://www.nao.org.uk/press-releases/cyber-threat-to-uk-government-is-severe-and-advancing-quickly-spending-watchdog-finds/
https://www.pwc.com/gx/en/news-room/press-releases/2024/pwc-2025-global-digital-trust-insights.html
https://www.gov.uk/government/publications/cyber-security-sectoral-analysis-2025
https://www.cia.org.uk/cia-news/the-chemical-industry-transition-pathways-for-a-resilient-and-sustainable-future/1015.article
https://assets.publishing.service.gov.uk/media/67b5f85732b2aab18314bbe4/National_Risk_Register_2025.pdf
https://www2.deloitte.com/us/en/insights/industry/oil-and-gas/chemical-industry-outlook.html
https://assets.publishing.service.gov.uk/media/67cad8b18c1076c796a45c25/Cyber_Security_Sectoral_Analysis_Report_2025.pdf
https://cyberintelsys.com/ics-ot-cyber-security-for-the-chemicals-industry/
https://www.icheme.org/media/11915/lpb268_p02.pdf
https://www.thechemicalengineer.com/news/chemical-engineer-warns-lawmakers-about-uk-s-cyber-weaknesses/
https://verveindustrial.com/solutions/by-industry/chemicals/
https://www.mayerbrown.com/-/media/files/perspectives-events/events/2021/04/chemical-industry-cyber-operational-technology-brochure.pdf
https://www.cia.org.uk/news/cybersecurity-network-to-make-the-uk-safer-and-more-resilient/980.article
https://www.monarchchemicals.co.uk/Information/News-Events/679-/The-rise-of-cyber-crime-in-the-chemicals-industry
https://www.littlefish.co.uk/insights/cyber-security-in-pharmaceutical-industry/
https://www.chemicalindustryjournal.co.uk/cyber-risks
https://www.accenture.com/us-en/blogs/chemicals-and-natural-resources-blog/chemical-companies-need-robust-security
https://www.amazingsupport.co.uk/blog/the-top-5-industries-vulnerable-to-cyber-attack/
https://www.upguard.com/blog/biggest-data-breaches-uk
https://www.thechemicalengineer.com/news/uk-government-launches-nuclear-cybersecurity-centre-months-after-sellafield-fine-for-data-breaches/
https://www.bitdefender.com/en-gb/blog/hotforsecurity/uk-at-growing-risk-of-major-cyber-incidents-terrorist-attacks-research-suggests
https://www.infosecurityeurope.com/en-gb/blog/threat-vectors/top-attacks-uk-public-sector-2024.html
https://www.ncsc.gov.uk/section/keep-up-to-date/reports-advisories
https://www.cybercrowd.co.uk/news/top-5-uk-cybersecurity-headlines-from-january-2025-insights-and-actions-for-businesses/
https://securitybrief.co.uk/story/uk-technology-heads-prioritise-cybersecurity-in-2025
https://www.chemicalindustryjournal.co.uk/why-cyber-attack-threats-should-not-hinder-digitalisation-in-the-chemical-industry
https://news.siemens.co.uk/news/why-cyber-attack-threats-should-not-hinder-digitalisation-in-the-chemical-industry
https://www.itgovernance.co.uk/blog/south-staffordshire-water-targeted-by-cyber-attack
https://industrialcyber.co/utilities-energy-power-water-waste/chaucer-reports-surge-in-cyber-attacks-on-uk-utilities-amid-rising-geopolitical-tensions/
https://securitybrief.co.uk/story/uk-manufacturing-faces-surge-in-ai-driven-cyber-threats
https://www.forescout.com/blog/analysis-of-clops-attack-on-south-staffordshire-water-uk/
https://wisdiam.com/publications/recent-cyber-attacks-water-wastewater/