CYBER ATTACK ON AMERICAN FUEL PIPELINE - A WAKE UP CALL FOR ALL
“Regulators must start conducting cyber security audits on large scale energy companies”
AFEW weeks ago, a cyber-attack on the 8, 850 km double tube fuel pipe line was reported in the United States of America and affected fuel supply.
Owned by a private company called Colonial Pipeline, the pipeline transports three million barrels (477 million litres) per day between Texas and New York.
The pipeline line operations got crippled and led to fuel availability challenges and spiked pump prices. While the experts working together with security agencies have resolved the problem, the entire world has been left with feelings of vulnerability. Cyber-attacks on energy infrastructure have happened before.
The head of industrial cybersecurity at Siemens Energy Leo Simonovich once said, “Now, more and more OT – plants, machines and their control systems are being targeted. The risk is therefore no longer simply data theft, but sabotaging energy assets."
The cyber-attack on a Ukrainian utility in December 2015 is considered to be one of the first successfully executed threats on a power grid. The hackers overwrote the utility’s firmware, deactivated operator accounts, and deleted workstations and servers. Over 220, 000 households were left without power for many hours.
According to European Union security agencies, The Lazarus Group, allegedly sponsored by an Asian country, was believed to be behind multiple attacks on energy installations, including the hack of an Indian nuclear power plant in 2019, according to its 2020 Threat Landscape report.
The European Network of Transmission System Operators for Electricity (ENTSO-E) once fell victim to a cyber-attack as well. ENTSO-E, which represents 42 European transmission system operators in 35 countries reported on March 9, 2020 that it had found evidence of a successful cyber intrusion into its office network and was introducing contingency plans to avoid further attacks.
According to French think- tank Institut Français des relations internationals (IFRI), the power sector has become a prime target for cyber-criminals in the last decade, with cyber-attacks surging by 380 percent between 2014 and 2015.
Motives include geopolitics, sabotage and financial reasons. The US Department of Energy (DoE) reported 150 successful attacks between 2010 and 2014 that targeted systems holding information regarding electricity grids.
Saudi Aramco, one of the biggest oil company in the world was a target of cyber-attacks in 2017 when hackers targeted the safety system in one of the company’s petrochemical plants. Experts believed that, despite the plant shutting down, an incident could have taken place.
According to a report by the Independent, a plant official said that the attack aimed to not only shut down the plant or wipe out data but also send a political message.
South Korean nuclear and hydroelectric company Korea Hydro and Nuclear Power (KHNP) was hacked at the end of 2014. Hackers stole and posted online the plans and manuals for two nuclear reactors, as well as the data of 10, 000 employees.
As once reported in Pipeline Magazine about the type of cyber-attacks the energy sector can face, the oil and gas industry remains a prime target for all types of cyber-attacks from nation-state actors, rogue terrorists, criminals and hacktivists with varying motives, including sabotage, espionage, financial gain, or political causes.
The energy industry will likely continue to be a high priority target, particularly given its importance to national and economic security.
Anjos Nijk, as Managing Director of the European Network for Cybersecurity (ENCS) once said, “In traditional military action, the first target is airports; the second is the energy system.”
Energy is the life blood of a modern economy. Therefore, investing heavily in cybersecurity and strengthening cyber laws is the way to go. To this end, it is important to commend the Zambian Government for enacting the cybersecurity law and for having amended the law which deals with vandalism to include acts of cyber attacks on energy infrastructure.
According to the European cybersecurity incident cause breakdown for 2019, malicious actions were reported as a root cause of half of the European cybersecurity incidents in energy
With increased digitisation of networks, control centres and managing customers and energy infrastructure remotely, our exposure to cyber-attacks for various reasons cannot be underestimated.
As correctly warned by the International Energy Agency (IEA), cyber-attacks on energy companies and electricity systems may appear few and far apart but the threat is substantial and growing. This warning by the IEA must be taken very seriously.
The energy infrastructure; whether they be generation facilities, transmission facilities, control centres, fuel pipelines constitute the back- bone which powers our economy and supports almost every facet of our life.
With transnational connections and entry of private sector investors suppling energy to hundreds of thousands of customers, heightened cybersecurity around these facilities should not be underplayed.
Regulators must take keen interest in conducting cybersecurity audits and monitoring on any private or public company which supplies energy on large scale including digitised renewable energy as part of measures to protect the integrity of the industry.
With an Open Access regime in place and the liberalisation of the energy sector, a number of private companies have entered the market and handling thousands of customers.
This is a welcome development. However, we must not lose sight of the impact of cyber- attacks on networks which is capable of not only destabilising and switching off customers but the entire customer accounts and data can be deleted.
*Johnstone Chikwanda is an energy expert and a Fellow of the Engineering Institute of Zambia, a PhD candidate at Johnson University, Knoxville, Tennessee, USA.