Friday, March 29, 2024

Cyberattack on pipeline spotlights holes in US energy security

Cyberattack on pipeline spotlights holes in US energy security
May 9, 2021

(Reuters) - A cyberattack that shut the largest USgasoline pipeline and jeopardized supplies from Gulf Coast refining centers to cities including Washington, DC, Baltimore and Atlanta put energy security back in the spotlight.

Colonial Pipeline halted operations to contain the threat after learning of Friday's attack, the company said. It cut deliveries of 2.5 million barrels per day of gasoline, diesel, and jet fuel through 5,500 miles (8,850 km) of pipelines.

"I would not expect this to last long enough to make fuel pricing or supply an issue. "Gas prices are not impacted yet, and should not be if Colonial's operations return soon."

"As every day goes by, it becomes a greater and greater impact on Gulf Coast oil refining. Refiners would have to react by reducing crude processing because they’ve lost part of the distribution system."

"If the Colonial shutdown becomes more extended, to four or five days, (refiners) might have to reduce their operating rates to contain inventories. Colonial ships over 2 million barrels per day from the Gulf Coast and the alternative, the Plantation Pipe Line, carries 700,000 barrels."

"This attack is unusual for the U.S. But, the bottom line is that attacks targeting operational technology - the industrial control systems on the production line or plant floor - are becoming more frequent."

"Cybersecurity vulnerabilities have become a systemic issue. It needs strategic oversight to ensure that operations have preventative controls and an appropriate responses plan if and when attackers breach a system."

"This pipeline shutdown sends the message that core elements of our national infrastructure continue to be vulnerable to cyberattack. Securing our energy infrastructure is a national security issue that involves several different federal agencies and requires centralized leadership.

"Last year, Congress authorized the creation of a national cybersecurity director within the White House, but this position remains unfilled by the Biden administration. In the wake of attacks like Colonial Pipeline and Solar Winds, it is clear that filling the role needs to be a higher priority."