The Christian Science Monitor published an article yesterday that noted that the increasingly infamous Chinese military hackers have been having their way with a number of US pipeline companies. As noted in the article, “From December 2011 through June 2012, cyberspies targeted 23 gas pipeline companies with e-mails crafted to deceive key personnel into clicking on malicious links or file attachments that let the attackers slip into company networks, says the Department of Homeland Security (DHS) report.” Though they didn’t get vital information from all 23 companies, they are confirmed to have infiltrated 10 of them, with another 10 still under investigation. Three of the companies apparently were either able to block them or the hackers were otherwise unable to get through their systems.
The concern here is that having dug around in the systems of these pipelines, the hackers could have all the information they need to remotely take control of the SCADA and other operational systems of the pipes, allowing them to sabotage critical equipment by shutting down or over-speeding compressors, opening or closing valves at critical interconnects, and who knows what else. Though I suppose its not inconceivable that some parts of the US pipeline system could become explosive under the right circumstances, having worked around pipelines for a not insignificant part of my life I’m dubious that anyone could actually create widespread destruction via remote manipulation of valves and compressors. No doubt, if they knew what they were doing, they could create a lot of havoc (including the blowing of thousands of rupture disks and relief valves) and cause the near total shutdown of the natural gas delivery system in the US, including isolated damage to some very critical equipment (anyone remember the oversped generator in the DOE test in Nevada a few years back?). Given the millions of miles of pipe, thousands of compressors and ten of thousands of valves that comprise our pipeline systems, such an event would take weeks or months to recover from, with the attendant economic damage in the tens or hundreds of billions of dollars from lost production and shut down of key facilities like the power plants and manufacturing facilities that have become increasingly dependent on cheap natural gas as a fuel.
There is a rapidly growing industry around the globe that is focused on producing advanced technologies and technical infrastructures that could block or otherwise defeat sophisticated cyber attacks. It has become the newest arms race, with one side becoming increasingly sophisticated in their attempts to penetrate the firewalls of companies and government agencies, and the other side spending untold billions trying to keep them out; all the while, the critical components of our energy production and delivery systems are moving toward even more automation and therefore, more vulnerability. In fact, just last month the Government Accounting Office (GAO) released a report that noted the Department of Transportation’s (DOT) Pipeline and Hazardous Materials Safety Administration (PHMSA) is encouraging (aka pressuring) pipeline operators to increase their use of advanced operational modeling and automated controls in order to more quickly react to a pipeline rupture, including the widespread use of remotely operated values along pipeline routes – something that under otherwise normal operations would allow the pipe to more quickly shut-off the flow of gas in the case of a rupture; but also something that in the event of a widespread cyber attack, would make it more difficult to regain control of the giant, complex machine that is our natural gas delivery system.