A cyberattack hobbled the operations of at least four natural gas pipeline companies last week.
At least four US pipeline companies have said their electronic communications systems have shut over the past few days, with three confirming the service disruptions were caused by a cyberattack. Energy Transfer Partners, Boardwalk Pipeline Partners, and Chesapeake Utilities’ Eastern Shore Natural Gas were among the companies affected by outages, while Oneok disabled its system as a precaution.
Natural gas systems and power grids have been increasingly going electronic as aging infrastructure is updated. The electronic data interchange, or EDI, system serving pipeline companies is designed to speed up tracking and scheduling of gas flows.
These pipeline networks run for tens of thousands of miles to ship the fuel from producers to regional utilities, retailers and large consumers, such as power generators.
Hackers are developing attacks on energy infrastructure for one main reason: Impact. And automation is creating the backdoor they need to break in.
The energy industry is particularly vulnerable to sabotage because of the impact the sector has on peoples’ daily lives, says Scott Coleman, director of marketing and product management at Owl Cyber Defense, which provides devices and services to prevent hacks to oil and gas producers. If a hacker shuts down an electric substation, 20,000 people can be affected immediately, he said.
On the other hand, the industry’s drive to replace levers and knobs with automation everywhere from power plants to oil rigs to pipelines has left gaping holes in security, Coleman told Bloomberg.
Oil and gas producers, pipeline companies and utilities are “really aggressively switching from analog to digital services. And those digital control systems didn’t come with cybersecurity built in,” he said.