This group brings together the best thinkers on energy and climate. Join us for smart, insightful posts and conversations about where the energy industry is and where it is going.

Post

The Colonial Pipeline Attack Was A Major National Security Incident

Robert Rapier's picture
Proteum Energy

Robert Rapier is a chemical engineer who works in the energy industry. Robert has over 20 years of international engineering experience in the chemicals, oil and gas, and renewable energy...

  • Member since 2018
  • 684 items added with 143,179 views
  • May 23, 2021 11:45 pm GMT
  • 274 views

The majority of U.S. refining capacity is on the Gulf Coast. Refineries there receive a combination of domestic and Canadian crude via pipeline, as well as waterborne imports from all over the world. The crude oil is converted into gasoline, diesel, jet fuel, and miscellaneous other products.

Of the 15 million barrels per day (BPD) of crude oil that U.S. refineries currently process, the Gulf Coast refines about 8.4 million BPD (56%). But that is a mismatch with regional demand for petroleum products.

Your access to Member Features is limited.

Last year was a bit of anomaly in that Gulf Coast demand for petroleum products was actually greater than demand on the East Coast. But for most of the past decade, the East Coast was responsible for 5.5 to 5.9 million BPD of demand, and the Gulf Coast was responsible for 5.2 to 5.7 million BPD of demand.

Because refinery output is greater on the Gulf Coast than demand — and because East Coast refining capacity is only 4% of the U.S. total, the Colonial Pipeline serves to connect East Coast demand with Gulf Coast supplies.

The Colonial Pipeline originates in Houston and terminates at the Port of New York and New Jersey. It traverses the southeastern states of Louisiana, Mississippi, Alabama, Georgia, South Carolina, North Carolina, and Virginia, and continues north through Maryland, Delaware, Pennsylvania, and New Jersey.

The pipeline transports about 100 million gallons per day of gasoline, diesel and jet fuel, supplying about 45% of the fuel needs of ~50 million customers. The Colonial Pipeline is, without a doubt, the most important finished product pipeline in the U.S.

In 2016 the Colonial Pipeline was thrust into the national spotlight when a leak in Alabama spilled 252,000 gallons of gasoline. This resulted in a 12-day interruption in the pipeline’s service, and led to price surges all along the pipeline’s route.

The latest interruption to the Colonial Pipeline took place two weeks ago, when a ransomware attack forced a shut down of all pipeline operations. Bloomberg reported that the hackers behind the attack began to steal a large amount of data from the pipeline’s networks on Thursday, and then on Friday they locked the computers with ransomware and demanded payment.

The Cybersecurity and Infrastructure Security Agency (CISA), a standalone United States federal agency under Department of Homeland Security oversight, addressed the incident in a statement on Twitter:

“We are aware of the Colonial Pipeline ransomware incident. We are engaged with Colonial and our interagency partners regarding the situation. This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”

Commerce Secretary Gina Raimondo addressed the outage on CBS’s Face the Nation program: “We are working closely with the company, state and local officials, to make sure that they get back up to normal operations as quickly as possible and there aren’t disruptions in supply. It’s an all hands on deck effort right now.”

Colonial brought service back online after about a week, but panic-buying along the pipeline’s route caused gasoline shortages in many locations. But this was one of the most serious ransomware incidents to date, impacting tens of millions of people. It was a major national security incident, and it highlights the vulnerability of the nation’s infrastructure to these sorts of attacks.

Although this incident was serious, a shutdown of a large section of our power grid during a heat wave or winter storm could have far more deadly implications. It seems highly likely that this incident will lead to a response from the federal government to shore up protections of our critical infrastructure, and it puts more pressure on companies to ramp up their cybersecurity efforts.

Follow Robert Rapier on TwitterLinkedIn, or Facebook.

Read More

Robert Rapier's picture
Thank Robert for the Post!
Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.
More posts from this member
Discussions
Spell checking: Press the CTRL or COMMAND key then click on the underlined misspelled word.
Matt Chester's picture
Matt Chester on May 24, 2021

This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.

Hopefully CISA, DHS and others not only recommend these actions, but create plans/resources/etc. for entities to follow to make that strengthening happen

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »