Natural gas has a good record against hackers
Natural gas pipelines can be targeted by cyberattacks. So can electric grids. And power plants. And hospitals, city governments, banks, entertainment companies, and virtually anything else that exists in the digital age.
Like most of those entities, pipeline companies have taken aggressive steps to better shield their infrastructure from hackers, isolate critical systems, and beef up physical security. Recent allegations by some that the natural gas industry is increasingly vulnerable to cyberattack are unsubstantiated and not based on any factual evidence.
A recent incident affecting a third-party service provider, used for scheduling and nominations by some pipeline operators, demonstrates how the industry’s preparedness protects consumers. After an attack in March halted data exchanges from the company, the operators that used their services to facilitate gas deliveries and billing sprang into action. There was no impact on natural gas deliveries and gas never stopped moving through pipelines as a result of this incident.
Natural gas pipeline companies have a longstanding track record of reliable service, and are dedicated to meeting the highest industry and federal standards for safety, security and resilience, ensuring the flow of natural gas. This is par for the course in an industry where the number of threats are increasing, but advances in security and system resilience have made inflicting any real damage increasingly difficult.
Compared to cyberattacks that shut down entire electric grids in Ukraine and a ransomware virus that hobbled services in Atlanta for days, the natural gas industry has avoided any attacks causing a halt in services. Preparedness is key, and the industry has demonstrated its commitment through participation in programs like the Downstream Natural Gas Information Sharing and Analysis Center, as well as real-world training exercises like the NERC GridEx.
There is still work to be done, but we are on the right track.
Despite this progress, a recently leaked “predecisional” memo from the U.S. Department of Energy and the National Security Council argues that natural gas cybersecurity threats are proof that aging coal and nuclear power plants need to be propped up through unprecedented and legally questionable use of federal national security powers.
This represents a solution to a problem that does not exist. If the Energy Department acts, consumers will be saddled with as much as $11.8
billion to pay for the uneconomic coal and nuclear plants.
That might be justifiable if these facilities increased the reliability of the grid. But they don’t. That’s why three previous attempts to find legal justification to subsidize these plants have failed. That’s also why PJM, the nonprofit electric grid operator for the region that has seen the most coal and nuclear retirements, dismissed the proposal as “damaging to markets and therefore costly to consumers.”
As FERC and others have pointed out, an attack on the electric grid is more likely, has real precedent, and would render fuel stockpiles meaningless.
Meanwhile, reports have indicated that nuclear plants themselves are becoming prime targets for hackers. Fuel supply issues, including gas pipeline issues, in fact, accounted for a mere 0.00007 percent of blackout hours between 2012 and 2016, while electric transmission problems were responsible for more than 90 percent, according to a 2017 study.
That’s partly because the geographically dispersed pipeline system for gas is inherently resilient. Indeed, unlike electricity, gas moves too slowly to cause a “cascading” or domino-effect blackout.
There are legitimate threats to the grid. Cybersecurity can always be better.
But disrupting markets to keep obsolete 20th-century power plants running... not so much.