Hackers hit communications system of Energy Transfer Partners pipeline

Dive Brief:

The communications network utilized by Energy Transfer Partner's (ETP) pipeline system faced a cyberattack and was shut down on Monday, though officials say there was no impact on natural gas flows.
The outage impacted a communications platform that Energy Services Group LLC provides to ETP. Bloomberg reports the system was back up and running Monday evening.
Hackers have been increasing their attacks on energy and other critical infrastructure, as well as targeting supervisory control and data acquisition systems. Federal authorities say Russia is the most likely culprit right now.

Dive Insight:

Hackers have had limited success targeting major infrastructure in the United States, but it seems clear they are continuing to push ahead. The ETP attack was reportedly contained to the communication network, but recent history shows cyber criminals are moving closer to operating systems.

In 2017, hackers penetrated the safety systems of a petrochemical plant in Saudi Arabia in part by taking advantage of an older device made by Schneider Electric. And in 2015, a successful attack on Ukraine’s grid, caused widespread blackouts, raising fears that the United States could be vulnerable to a similar attack.

Last month, an alert based on analysis by the Federal Bureau of Investigation and the Department of Homeland Security warned Russian hackers have mounted a methodical, long-term campaign to infiltrate and surveil critical U.S. infrastructure, including energy and nuclear. That followed warnings from private security firm Dragos, which issued a report noting a rise in targeted attempts to infiltrate utility systems coming from North Korea-related hackers.

Security experts were quick to weigh in following news of the ETP incident.

"The FBI/DHS alert makes it clear that our critical infrastructure is in the cross-hairs of our adversaries," said Phil Neray, vice president of industrial cybersecurity at Boston-based CyberX in a statement.

Neray said the ETP incident "looks like a financially-motivated cyberattack, likely by cybercriminals, but we've seen in the past that cybercriminals often collaborate with nation-states and share hacking tools with each other."

Neray envisioned this nightmare scenario for an energy company: "A ransomware attack that uses nation-state tools to hijack ICS/SCADA systems and hold the pipeline hostage for millions of dollars per day."

Corero Network Security President Andrew Lloyd pointed out that ESG's website touts its solutions are internet-accessible from anywhere. He predicted the hack will be "a major disruption that certainly threatens to erode confidence among its customers."

"If you’ve moved your business-critical operations to the Internet then you’re going to need to have adequate cyber-security defenses to ensure resilience," Lloyd said.

The federal government has been moving to take additional security steps. The Trump administration in February announced it would establish a new office within the Department of Energy to focus on cybersecurity, energy security and emergency responses. A report from Accenture last year found almost two-thirds of utility executives globally believe their country faces at least a moderate risk of a cyberattack on the electric grid in the next five years. Utility executives surveyed by Utility Dive for the latest iteration of the State of the Electric Utility report continue to list cybersecurity among top concerns.