Context and infrastructure protection
Energy infrastructures can be targeted by several types of actors, using a large array of tactics. Attacks have in common the goal of interrupting operations, thus causing damage to the companies involved and the government of the producer country. However, different geographical contexts offer different capabilities and tactics to attackers.
The security environment of the oil and gas industry largely depends on the overall stability and security of the region where the infrastructures are located. A situation of international tension in a region can indeed increase risks for the infrastructures, even when the producer country is not directly involved in the origin of the tension. In fact, the worsening of the multilateral context can lead to an arms race, which in turn could increase capabilities for damaging energy infrastructures.
A critical situation can create an uncomfortable environment for international investors. In turn, non-state actors can exploit this situation by targeting foreign companies in order to further increase their incentives to leave the country and precipitate the situation.
Piracy is an extreme example of the importance of geographical context. This type of criminal activity typically targets oil tankers in order to receive a ransom and, in theory, the same motive could also lead to an action targeting an offshore platform. However, piracy needs a regional context where a failed or semi-failed State has become a safe harbour for criminal groups. Incidentally, this condition is not met in the specific context of the Caspian, therefore piracy will not be afforded further attention in this work.
Besides the context, there is the issue of the potential attackers’ capabilities and technological level. States have direct access to conventional weaponry, even if their spending capacity, political alliances and military sophistication vary widely. Non-state actors, local protesters and criminal organisations have more limited access to conventional weaponry. However, when these actors hold significant financial resources, they have the possibility to access parallel markets for illegally traded arms, including heavy weapons. Unconventional weaponry can also be used as a cheap alternative. For example, small boats carrying explosives can be used in order to ram offshore surface infrastructures, while improvised explosive devices can be used to kill or injure workers.
Tactics used by various attackers also include bomb threats, unauthorized boarding and armed intrusion of offshore installations, abduction of workers, and kidnapping of workers’ relatives in order to force them to sabotage plants. Different tactics can also be combined in order to create complex attacks, in a virtually infinite number of combinations.
The cyber domain is a further element to be considered when assessing capabilities. This domain is not a separate reality with separate threats. It is part of the physical world: acting in the cyber domain affects the physical reality and cyber-weapons are conceived to affect this.
SCADA systems monitor and control industrial processes, including in the energy sector. Drilling, pumping, processing, refining: all major steps in the oil and gas industries rely heavily on computer-controlled systems. In every step, a potential security breach can be exploited for an attack, either as a stand-alone action or as part of a more complex action. For example, computer-based technologies are now essential for communication along command chains: a cyber attack can seriously limit defensive measures by interrupting communication flows.
Activities in the cyber domain can be very sophisticated and expensive and States retain a competitive edge, especially in the case of cyber-weapons. However, when compared with traditional military capabilities, cyber capabilities are more easily accessible by any potential attacker, including relatively small groups.
In assessing offshore security threats, it is important to have an understanding of the offshore capabilities and tactics of different groups. In particular, there are five capabilities and tactics which are common to every geographical context but are particularly relevant to the current Caspian context: airpower, navy, bombings, internal sabotage, and cyber activities.
Airpower is the most effective instrument for attacking and destroying civilian infrastructures such as offshore platforms. Air strikes can hit a target very quickly, while countermeasures are very complex to manage and generally have a limited effect. Airpower is an expensive capability which requires a military organisation, dedicated infrastructures and access to sophisticated technologies. Generally, this capability is reserved for states, since other groups do not have enough resources.
Similarly, sea power is generally a capability which is accessible only by states. A navy is an expensive organisation which requires financial resources, harbours and relatively sophisticated technologies in order to be effective. However, unlike air power, non-state actors and criminal groups can have access to limited naval power.
Explosive devices are, on the contrary, an almost universal capability, accessible by every type of organisation. Cheap and unsophisticated explosives can also be very effective in damaging major infrastructures. Therefore, bombing is a common tactic which can be used for every goal, from symbolic actions to complete destruction. Suicide bombing is a particularly effective tactic, usually used by non-state actors.
Internal sabotage is another relevant capability: contractors, offshore service providers, current and former workers involved in the functioning or maintenance of the infrastructures can intentionally damage operations. They may be part of the attacker organisation or they can be forced to cooperate.
All in all, these capabilities are instruments which can be used by different actors in order to pursue their political goals. The current Caspian context offers a particularly challenging environment which can be analysed using the proposed classification.
-  This list includes only the most relevant capabilities and should not be considered exhaustive.