The recent cyberattack on the Colonial Pipeline has once again exposed the vulnerabilities in critical infrastructure. At the time of writing, the pipeline had resumed normal operations, but only after Colonial had paid the US$4.4 million ransom demanded by DarkSide, the hacking group responsible for the ransomware attack. Colonial Pipeline’s CEO, Joseph Blount, told the Wall Street Journal that he authorised the payment after consultation with experts, as he did not know the extent of the damage or how long it would take to bring the pipeline’s systems back. A company spokesman said “Tens of millions of Americans rely on Colonial: hospitals, emergency medical services, law enforcement agencies, fire departments, airports, truck drivers and the travelling public.”
Register for free »
Get started absolutely FREE in 2 minutes, no credit card required.
Undeniably, the pipeline is a critically important piece of national infrastructure. Spanning 5500 miles between Texas and New Jersey, the pipeline carries approximately 2.5 million bpd of gasoline, diesel and jet fuel (around 45% of the fuel consumed on the US east coast). Wood Mackenzie has reported that the attack only had a marginal impact on fuel markets due to a combination of increased output from US refineries and imports from Europe.1 Of course, the fact that the ransom was paid quickly is another key reason for the limited damage; it is clear that the impacts would have been much more serious had the shutdown persisted for longer. It’s easy to sympathise with the dilemma facing Colonial in this instance. In Blount’s own words, the ransom payment was authorised as he felt that it was “the right thing to do for the country.” However, the shared wisdom is that ransom payments only incentivise the hackers and fund future cyberattacks. It’s your classic ‘no-win’ situation (unless you are the hacker).
Our sector needs to learn from the incident and take active steps to protect itself from similar attacks. However, a recent study by Ponemon Institute and Siemens Energy revealed that although 56% of survey respondents had experienced a data breach or outage in the previous 12 months – and 54% expected an attack on critical infrastructure in the following 12 months – there was a pervasive lack of preparedness. Only 31% of respondents believed they were ready to respond to, or contain, a breach.2
This issue of Hydrocarbon Engineering includes a dedicated section on cybersecurity, beginning on p. 15, with articles from the American Petroleum Institute (API) and Siemens Energy. The two pieces are very timely in light of recent events, and I’d encourage you all to take the time to read them. The API explains how its continuously updated standards help to address cybersecurity for the oil and gas sector, while the article from Siemens Energy looks specifically at how to optimise refinery turnarounds with AI-driven cybersecurity advances.
Before I sign off this month, I also wanted to remind everyone that Hydrocarbon Engineering will be hosting ‘SulfurCon 2021’ on 30 June. This free-to-attend virtual conference and exhibition will focus on the latest sulfur technology, innovations and services for the hydrocarbon processing sector, with expert presentations from leaders in the sector. For more information, and free registration, head over to www.hydrocarbonengineering.com/sulfurcon2021.
1. CROOKS, E., ‘Colonial pipeline hack exposes the vulnerability of critical infrastructure’, (14 May 2021), https://www.woodmac.com/news/opinion/Colonial-pipeline-hack-exposes-the-vulnerability-of-critical-infrastructure/.
2. ‘Caught in the Crosshairs: Are Utilities Keeping Up with the Industrial Cyber Threat?’, Ponemon Institute and Siemens, (2019).