Colonial Is Just the Latest Energy Asset Hit by Cyber-Attacks

Article content

(Bloomberg) — A cyber-attack has never taken down a U.S. fuel pipeline quite as big as the Colonial Pipeline. It’s the nation’s largest gasoline, diesel and jet fuel system and a critical source of fuel supply for the U.S. Northeast.

But this isn’t the first time hackers have hit energy assets in America and beyond in recent years, at times disrupting services and upending operations.

Two-Day Gas Outage

In February 2020, the U.S. Department of Homeland Security issued an alert about a ransomware attack that brought down a U.S. natural gas compressor facility for two days.

The agency didn’t say which facility was targeted, when the attack occurred or who was behind it. But it did offer some details: Hackers sent emails with a malicious link, known as a phishing attack, to gain control of the facility’s information technology system.

It appeared likely that the attacker explored the facility’s network to “identify critical assets” before executing the ransomware attack, Nathan Brubaker, a senior manager at the cybersecurity firm FireEye Inc., said at the time. This tactic, which has become increasingly popular among hackers, makes it “possible for the attacker to disable security processes that would normally be enough to detect known ransomware indicators,” he said.

Advertisement

This advertisement has not loaded yet, but your article continues below.

Article content

Pemex Systems Down

Mexico’s oil giant Petroleos Mexicanos reported a cyber-attack in November 2019 that crippled its computer systems. The company’s communication systems were affected for weeks afterwards.

For some employees, Internet access was limited, some computer files weren’t accessible and they had difficulty receiving external emails, people in Pemex’s finance, legal and refining departments said at the time. The hacker behind the attack tried to squeeze almost $5 million out of the company. Pemex at the time refused to pay the ransom.

Gas Communications Targeted

In April 2018, several U.S. natural gas pipeline operators including Energy Transfer Partners LP and TransCanada Corp. reported that a third-party electronic communications system had been hit with a cyber-attack. Five of the companies confirmed service disruptions from the hacking.

Though the cyber-attack didn’t disrupt the supply of gas to U.S. homes and businesses, it showed how even a minor attack can have ripple effects. The attack forced utilities to warn of widespread billing delays and made it difficult for analysts and traders to predict a key government report on gas stockpiles.

Ukraine Grid

In December 2016, hackers took down almost a quarter of Ukraine’s power grid. Officials blamed Russians at the time for tampering with the utilities’ software and then jamming the power companies’ phone lines to keep customers from alerting anyone.

Advertisement

This advertisement has not loaded yet, but your article continues below.

Article content

The hack knocked out at least 30 of the country’s 135 power substations for about six hours. Cybersecurity firms working to trace its origins say the attack occurred in two stages. First, hackers used malware to direct utilities’ industrial control computers to disconnect the substations. Then they inserted a wiper virus that made the computers inoperable.

Saudi Aramco

In 2012, Saudi Arabia blamed unidentified people based outside the kingdom for a cyber-attack against state-owned Saudi Arabian Oil Co. that aimed to disrupt production from the world’s largest exporter of crude.

More than 30,000 computers were compromised or affected by a so-called “spear-phishing” attack, raising concerns about the threat hackers may pose to output at the company also known as Saudi Aramco. A spokesman for the Interior Ministry, declined at the time to identify any of the “several foreign countries” from which the attack originated.

Energy companies from electric utilities, to power-grid operators to oil and gas pipeline operators have warned that cyberattacks are becoming more and more prevalent. The largest U.S. power grid operator, PJM Interconnection LLC, has warned regulators that it’s facing increasing attacks. Last May, the U.K.’s grid data system was hacked, although electricity supplies weren’t affected. And in March, an attack against Europe’s association of grid operators, ENTSO-E, affected its internal office systems.

©2021 Bloomberg L.P.

Bloomberg.com

Comments

Postmedia is committed to maintaining a lively but civil forum for discussion and encourage all readers to share their views on our articles. Comments may take up to an hour for moderation before appearing on the site. We ask you to keep your comments relevant and respectful. We have enabled email notifications—you will now receive an email if you receive a reply to your comment, there is an update to a comment thread you follow or if a user you follow comments. Visit our Community Guidelines for more information and details on how to adjust your email settings.


Source link

Leave a Reply

%d bloggers like this: