Vancouver Sun


Cyberattac­k exposes weaknesses


Acyberatta­ck that knocked out the main oil pipeline supplying the U.S. Eastern Seaboard comes days before a state-imposed deadline to shut a major Canadian conduit that could send prices soaring for consumers, highlighti­ng the fragility of North America's energy infrastruc­ture.

“These recent events completely lift the hood on how vulnerable infrastruc­ture is to attack now,” said Michael Tran, energy strategist at RBC Capital Markets in New York, adding the attack on the Colonial Pipeline Co. “was not just any pipeline” but “the key artery” supplying the most populated parts of the United States.

A ransomware attack Friday on the Colonial Pipeline, which ships gasoline, diesel and jet fuel from U.S. Gulf Coast refineries to consumers in 14 states on the East Coast, has forced the largest conduit of refined products in the U.S. to go offline. In a statement on Monday, Colonial said it expects to “substantia­lly” restore operationa­l service by the end of the week.

The outage on the Colonial Pipeline could be exacerbate­d by a Michigan state order forcing Enbridge Inc.'s Line 5 pipeline — supplying oil to Michigan, Ohio, Ontario and Pennsylvan­ia refineries — to shut down on Wednesday, which could further strain U.S. oil supply. Calgary-based Enbridge has vowed to defy the order and continue shipping oil through the line until forced to close by a court. Analysts believe shutting down Line 5 could cause higher fuel and propane prices in affected areas in the U.S. Midwest and Central Canada, as well as potentiall­y thousands of layoffs.

Still, the potential for two major pipelines being shut down in the same week shows the stretched energy supply system in North America is increasing­ly vulnerable to outages, Tran said.

“At a minimum, you're going to leave U.S. consumers, large swaths of the U.S. population, paying significan­tly more for fuel costs. Worst-case scenario, you're essentiall­y leaving widespread refined product shortages across some of the most highly populated pockets of the United States, being parts of the Midwest and the U.S. Northeast,” Tran said. “One is subject to a cyber attack, the other is potentiall­y subject to a politicall­y charged, self-inflicted wound.”

The Colonial Pipeline moves refined products such as gasoline and diesel from refineries in Texas and Louisiana to supply 14 states in the U.S. East Coast. It moves 2.5 million barrels of oil products per day to North and South Carolina before shipping 900,000 bpd to New York and neighbouri­ng areas.

“The importance of Colonial cannot be underplaye­d given that it is one of the few major sources of oil products deliverabl­e into the refinery-challenged East Coast (the line services 14 states). Due to poor refinery economics, regional units have shut over recent years, leaving the U.S. Northeast as the least independen­t and energy secure district in the country,” Tran said in a note to clients Monday.

Analysts believe the outage could send gasoline prices in the affected U.S. areas to more than US$3 per gallon and potentiall­y result in fuel shortages.

U.S. West Texas Intermedia­te remained at an elevated level for much of the day, but closed just 0.1 per cent higher to US$65 per barrel after suggestion­s that the crisis could be shortlived.

A top White House national security official said the U.S. intelligen­ce community is working to determine whether the hackers of the Colonial Pipeline have ties to the Russian government. The FBI has accused DarkSide, a group of cyberhacke­rs, of a digital extortion attempt, but the group said it was `apolitical' and its “goal is to make money, and not creating problems for society.”

Regardless of the motives, analysts think the hack marks a new era of security risk for oil markets.

“We are now seeing a first major cyber security-related oil market disruption in the cyberattac­k on the Colonial oil pipeline,” Citigroup analysts wrote in a Monday research note. The Wall Street bank added that cyber attacks are now considered a risk factor for oil markets, including geopolitic­s, climate change and weather events.

“Though the pipeline


could be restarted soon, this highlights a new source of supply risk for oil,” the analysts wrote, adding the event could also usher in “geopolitic­al second-order impacts” as government officials in the U.S. may need to change laws in order to pull crude into major cities from South Carolina to New York.

Canada's two largest pipeline companies, which also operate massive pipeline networks in the U.S., said they were monitoring the Colonial pipeline outage that had now stretched into its fourth day.

“We are aware of the incident, and that cyber attacks are of concern for all businesses these days,” Enbridge Inc. spokespers­on Tracie Kenyon said in an emailed statement, adding her company's facilities are operating normally. “It is why Enbridge has invested significan­tly in cybersecur­ity through the years, test our systems frequently and monitor constantly.”

Similarly, TC Energy Inc. which runs natural gas and oil pipelines across North America, said it regularly practises its security systems for potential attacks.

“Cyber safety is a priority across our organizati­on as part of our commitment to our No. 1 value of safety,” TC Energy Corp. said in an emailed statement. “TC Energy has a well-developed cybersecur­ity program which we continue to advance and innovate to protect our data, systems and assets. We closely monitor our environmen­ts for anything suspicious and regularly plan, practise and prepare for potential scenarios.”

Experts say pipeline companies across North America as well as utility companies are likely to boost spending on cybersecur­ity measures in the coming months following the Colonial Pipeline outage.

Generally, when a high-profile company in one industry is successful­ly hit by a cyberattac­k, other companies within the sector boost the security of their networks in the months that follow, said retired U.S. Col. Barry Hensley, chief threat intelligen­ce officer at Atlanta-based cybersecur­ity firm Securework­s Inc.

“Just like the organizati­ons that are out there today that are all evolving their cybersecur­ity programs, it's just as important to know that threat actors are evolving their campaigns as well,” said Hensley, who was the former director of the U.S. Army's Global Network Operations and Security Centre.

“There's just as much innovation being put in on the threat actor side as there is on the defender side.”

 ??  ??
 ?? DRONE BASE / REUTERS ?? Holding tanks are seen at Colonial Pipeline's Dorsey Junction Station in Woodbine, Maryland, on Monday. The company was the target of a ransomware attack.
DRONE BASE / REUTERS Holding tanks are seen at Colonial Pipeline's Dorsey Junction Station in Woodbine, Maryland, on Monday. The company was the target of a ransomware attack.

Newspapers in English

Newspapers from Canada