As our world gets more and more connected, cybersecurity continues to bubble to the top as a major threat for oil and gas companies. With Colonial Pipeline combating a cybersecurity ransomware incident it’s hard to determine if this is a “sky is falling” incident or a follow-up to “crying wolf” as we’ve heard over the past few years. With technology usage increasing, the cyber threat to that technology also rises. So, how does the Colonial Pipeline cyberattack typify that?
For operations-based companies like Colonial Pipeline, these types of attacks can target more than just business systems like email servers. They have carefully designed and intricate systems that control pump stations, actuate electronic valves and constantly report temperatures and flow rates back to a hub pipeline management system. These operating systems are meant to be separate and safe from business systems, but every system has vulnerabilities.
If refineries feeding the Colonial Pipeline continue at their current rate of production, what’s the impact? Without the Colonial Pipeline to carry the raw and refined products, things begin to back up and fast. It’s been reported that two refineries on the Gulf Coast have already reduced fuel output due to the pipeline’s inability to move product. In addition, refineries are scrambling to secure barges and vessels to act as storage units for the production in the process. Leading up to the summer driving season, it will come faster.
How fast? Picture Lucy and Ethel in the iconic scene in “I Love Lucy” at the candy factory as they try to keep up with wrapping all that candy coming down the conveyor. The conveyor increases the flow, and they struggle to find places to put the candy, eventually shutting down the factory. The same is occurring with refineries in the Colonial Pipeline incident—except shutting down and restarting refineries isn’t simply a matter of turning off a switch and turning it back on.
Media headlines reveal answers to the “Why Colonial?” question:
Highlighting the volume, the geographic importance, and the economic impact in one set of bullets covers the “why Colonial” question. But another question remains: why now?
One potential answer could be that the period prior to Memorial Day signals the beginning of summer and, with that, the reformulation of gasoline to handle driving in the summer weather. This means that blending operations and inventory operations are at a natural “shift” that relies on storage and pipeline capacity to swap out feedstocks and components for the summer driving season. With crude inventories still in decline, the summer demand could put a strain on gasoline inventories.
The backup is also prompting panic buying and fuel hoarding by consumers in the Southeast and East Coast, with gasoline prices rising well over $3/gallon. However, the U.S. Environmental Protection Agency (EPA) issued expanded waivers of summer fuel quality requirements of gasoline to parts of 12 states and the District of Columbia. The Department of Transportation also allowed the transport of overweight loads of fuel in 10 southeastern states to allow supply without the use of the pipeline network.
Cyberattacks don’t just impact a single organization. It’s one of the energy industry’s worst kept secrets that they’re behind the curve of digital transformation. Amid the pandemic almost every organization has “tightening the belt”, and in most cases that meant furloughs or layoffs. Combine a leaner organization with tools that may only be capable of supporting normal operations and the challenge becomes even greater.
The problem is multifold, and it starts (or ends, depending on your point-of-view) with the consumer.
The world today is interconnected, not just digitally but in the physical world as well. Companies need to put significant importance on both the ability to defend against cyberattacks and operational robustness to respond to disruptions caused by attacks on key business partners. The most recent Colonial Pipeline cyberattack incident can be used as a business case for those organizations that are only dipping their toes in digital transformation—how do potential operational cost impacts compare to the investment in the people, processes, and technology needed to run the business in distressed situations?
“Companies need to put significant importance on both the ability to defend against cyberattacks and operational robustness to respond to disruptions caused by attacks on key business partners.”
While cyberattacks at the scale of the Colonial Pipeline incident are rare, the organizations perpetuating the attacks are getting more and more creative and sophisticated. With critical infrastructure such as pipelines, power generation systems, and water treatment plants at risk on a regular basis, plans must be put in place to mitigate risks at every level.
At a minimum, companies should:
In addition, these infrastructure companies may not have costly, dedicated security resources to monitor cyberattacks 24×7, but there’s no guarantee that a full-time security team could prevent all these attacks. The Colonial Pipeline cyberattack was initiated by an organized crime group seeking money; not necessarily seeking to disrupt the pipeline infrastructure.
Strong preventive measures, escalated cybersecurity education, and constant monitoring, and vigilance will help mitigate or identify future cyberattacks. Educated users and a robust cybersecurity plan must be part of the solution. Opportune has energy professionals with decades of experience in cybersecurity, digital transformation, and business process modeling prepared to help organizations plan for and adapt to new threats and the impact they can have on core businesses.
When you choose Opportune, you gain access to seasoned professionals who not only listen to your needs, but who will work hand in hand with you to achieve established goals. With a sense of urgency and a can-do mindset, we focus on taking the steps necessary to create a higher impact and achieve maximum results for your organization.Leadership