The customers of three US pipeline companies lost communication with the pipelines due to a cyberattack that experts say should erase all doubts that the energy infrastructure is at risk.
This week, four pipeline companies reported disruptions in their electronic systems, with three attributing it to cyberattacks. Oneok, which operates natural gas pipelines in the Permian Basin in Texas and the Rocky Mountains region, said it disabled its system as a precaution after determining that a third-party provider was the “target of an apparent cyberattack”.
A day earlier, Energy Transfer Partners, Boardwalk Pipeline Partners and Chesapeake Utilities’ Eastern Shore Natural Gas reported breakdowns, with Eastern Shore saying its occurred on March 29.
“Any doubt that critical energy infrastructure in the US is a target for cyber-attackers should be erased at this point,” said Tim Erlin, vice president of product management and strategy at cybersecurity firm Tripwire. “We’ve seen an increasing number of attacks, and increasingly successful attacks, across energy infrastructure.”
According to bloomberg.com:
While the EDI systems may be entry points for hackers, they are likely not the ultimate target, said Jim Guinn, managing director and global cybersecurity leader for energy, utilities, chemicals and mining at Accenture Plc, a technology consulting company.
“There is absolutely nothing of intrinsic value for someone to infiltrate the EDI other than to navigate a network to do something more malicious,” Guinn said by telephone Tuesday. “All bad actors are looking for a way to get into the museum to go steal the Van Gogh painting.”
“Panic isn’t the answer to securing our critical infrastructure,” Erlin said. “Preparation and risk management are key.”
These attacks come on the heels of a government warning in March that Russian hackers were conducting an assault on the US electric grid and other targets. Atlanta’s government was hobbled by a ransomware attack in March.
“DHS and FBI characterize this activity as a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks.” the alert says. “After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to industrial control systems.”
Last summer federal government partners informed energy grid operators in North America about a threat targeting energy and critical manufacturing sectors, and released potential indicators of compromise, says Edison Electric Institute vice president of security and preparedness Scott Aaronson.
The EEI, which represents all US investor-owned electric companies, says it has been working across the sector and with government partners on protecting the grid from both cyber and physical security threats.
The 3rd Annual Environmental Leader & Energy Manager Conference takes place May 15 – 17, 2018 in Denver. Learn more here.