Cyberattack Pings Data Systems of At Least Four Gas Networks
(Bloomberg) -- At least four U.S. pipeline companies have seen their electronic systems for communicating with customers shut down over the last few days, with three confirming it resulted from a cyberattack.
On Tuesday, Oneok Inc., which operates natural gas pipelines in the Permian Basin in Texas and the Rocky Mountains region, said it disabled its system as a precaution after determining that a third-party provider was the “target of an apparent cyberattack."
A day earlier, Energy Transfer Partners LP, Boardwalk Pipeline Partners LP, and Chesapeake Utilities Corp.’s Eastern Shore Natural Gas reported communications breakdowns, with Eastern Shore saying its outage occurred on March 29. The Department of Homeland Security, which said Monday it was gathering information about the attacks, had no immediate comment Tuesday.
“We do not believe any customer data was compromised,” said the Latitude Technologies unit of Energy Services Group, which Energy Transfer and Eastern Shore both identified as their third-party provider. “We are investigating the re-establishment of this data,” Latitude said in a message to customers.
The company wasn’t ready to make a statement or discuss the details of the service disruption yet, Carla Roddy, marketing director at Energy Services Group, said in a brief interview at the company’s headquarters in Norwell, Massachusetts.
The attacks follow a U.S. government warning in March that Russian hackers are conducting an assault on the U.S. electric grid and other targets. Last month, Atlanta’s government was hobbled by a ransomware attack.
Computer to Computer
The electronic systems help pipeline customers communicate their needs with operators, using a computer-to-computer exchange of documents. Energy Transfer said the electronic data interchange system provided by Latitude was back up and working Monday night. The business wasn’t otherwise affected, spokeswoman Vicki Granado said in an email.
Eastern Shore Natural Gas’s Latitude system was restored on Monday as well, the company said in a notice to customers. In addition to providing EDI services, Latitude also hosts websites used by about 50 pipelines for posting notices to customers. At least some of the websites went down on March 29 and didn’t start returning until Monday, according to Dan Spangler, pipeline manager for data provider Genscape Inc. in Boulder, Colorado.
“Although all of the sites are back up now, many of them are still missing” data for March 30 and April 1, he said. “Other than Energy Transfer pipes and the pipelines hosted by Latitude, we haven’t seen any issues with gas data.”
The shutdowns are “not operationally serious in the sense that it’s stopping the natural gas from moving, but it is serious because it’s causing these companies to use workarounds for communication,” said Rae McQuade, president of the North American Energy Standards Board in Houston, which is responsible for developing industry standards.
“If somebody is running a business that has some kind of critical asset to it -- pipelines, energy, finance -- those networks are going to be targets; those networks have been targets,” said John Harbaugh, chief operating officer at R9B, a Colorado Springs, Colorado, cybersecurity solutions provider.
Many of the 3 million miles of pipelines that spread across America rely on third-party companies for their electronic communication systems, Andy Lee, senior partner at Jones Walker LLP in New Orleans, said by telephone Tuesday. In turn, they depend on those companies to provide security for those systems from attacks.
Latitude is “very well known in the industry,” the energy board’s McQuade said. “They have a lot of clients, they are very well respected.”
The systems are gaining attention from hackers because they’ve proven to be "low-hanging" fruit that creates an opportunity for ransomware or to sell the information on the dark web, Lee said.
View Full Article
WHAT DO YOU THINK?
Generated by readers, the comments included herein do not reflect the views and opinions of Rigzone. All comments are subject to editorial review. Off-topic, inappropriate or insulting comments will be removed.
- Cyberattack Pings Data Systems of At Least Four Gas Networks (Apr 04)
- Enterprise to Build New Gas Pipeline Serving Barnett Shale Play (Nov 13)
- Boardwalk Signs Deals for Extra Capacity (Mar 15)
Company: Energy Transfer Partners more info
- Energy Transfer Says Natgas Pipeline Fire In Pennsylvania Put Out (Sep 10)
- TransCanada Says Blast-damaged Leach Natgas Pipe Back in Service on July 15 (Jul 13)
- Pennsylvania Allows ETP Mariner East 1 Pipeline To Resume Service (Jun 14)