Cybersecurity

Future of Control System Cybersecurity Built Upon Industry Standards

The Colonial Pipeline attack should serve as a wake-up call for organizations in critical infrastructure and advanced manufacturing — now is the time to implement a standards-based approach to risk assessment and mitigation.

API’s Cybersecurity Standard Provides Approach to Protection

Working together with industry and government, the American Petroleum Institute has taken a major step to enhance protection of critical pipeline infrastructure by publishing the 3rd edition of Standard 1164, Pipeline Control Systems Cybersecurity.

Cybersecurity Directive for Oil, Gas Pipelines Targets Vulnerabilities

A comprehensive cybersecurity self-assessment sent to pipeline operators by the Transportation Security Administration is a clear signal that the federal homeland security apparatus is fully engaged in getting ahead of future attacks.

Securing America’s Critical Energy Infrastructure: 5 Steps for Operators

Today, fearing the worst, oil and gas companies – and the federal government – are putting a renewed emphasis on cybersecurity in this crucial component of our nation’s critical infrastructure sector. In this threatening and confusing landscape, operators follow five steps detailed in this article.

New Cybersecurity Standard for Pipelines Provides Comprehensive Approach to Cyber Defense

API published its third edition of Pipeline Control Systems Cybersecurity underscoring the natural gas and oil industry’s ongoing commitment to protecting the nation’s critical infrastructure from malicious and potentially disruptive cyber-attacks.

U.S. Senators Target Ransomware by Targeting Countries That Allow It

Two senior U.S. senators planned legislation on Thursday that would fight ransomware attacks on U.S. infrastructure by sanctioning countries that harbor cyber criminals, as well as by strengthening protections against attacks.

Biden Admin Reveals Decade-Old China Pipeline Hack, Plans for Cybersecurity Talks

The Biden administration revealed Chinese state-sponsored hackers between 2011 and 2013 targeted nearly two dozen U.S. oil and natural gas pipeline operators with the goal of “holding U.S. pipeline infrastructure at risk."

U.S. Announces New Cybersecurity Requirements for Critical Pipeline Owners

The Department of Homeland Security required owners and operators of critical pipelines that transport hazardous liquids and natural gas to implement "urgently needed protections against cyber intrusions."

A Question of Not ‘If’ but ‘When’

The cyberattack on Colonial Pipelines served as the ultimate exclamation point on that pesky declaration pipeline companies had been hearing for years: Your information systems need to be better protected from malicious software.

Oil Falls on Weak Summer Kickoff for U.S. Fuel Demand

The poor weather up and down the U.S. East Coast may have reduced consumption, following a period of gasoline hoarding that artificially boosted demand during the Colonial Pipeline outage last month from a ransomware attack.

One Password Allowed Hackers to Disrupt Colonial Pipeline

The head of Colonial Pipeline told U.S. senators that hackers who launched last month's cyber attack against the company and disrupted fuel supplies to the U.S. Southeast were able to get into the system by stealing a single password.

U.S. Recovers $2.3 Million From Colonial Pipeline Ransomware Attack

The U.S. Justice Department on Monday said it recovered some $2.3 million worth of cryptocurrency from the Colonial Pipeline Co ransomware attack.

U.S. to Give Ransomware Hacks Similar Priority as Terrorism

The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters.

Colonial Pipeline Says Temporary Network Disruption Resolved

Colonial Pipeline, the largest fuel pipeline in the United States, said it had resolved a temporary network disruption, just weeks after a ransomware attack crippled fuel delivery for several days in the southeast region.

Colonial Pipeline Again Experiencing Network Issues

Colonial Pipeline, the nation's largest fuel pipeline, on Friday said it was experiencing network issues, just weeks after a ransomware attack crippled fuel delivery for several days in the United States.

After Colonial Attack, Energy Companies Rush to Secure Cyber Insurance

U.S. energy companies are scrambling to buy more cyber insurance after this month's attack on Colonial Pipeline disrupted the U.S. fuel supply, but they can expect to pay more as cyber insurers plan to hike rates following a slew of ransomware attacks.

U.S. Announces New Security Directives for Pipelines After Hack

The Department of Homeland Security issued a new security directive for pipeline owners and operators on Thursday after a hack of the Colonial Pipeline disrupted fuel supplies in the southeastern United States for days this month.

U.S. Issuing First Cyber Regulations for Pipelines After Hack

The Biden administration is working with pipeline companies to strengthen protections against cyberattacks following the Colonial Pipeline hack and will announce actions in coming days, the Department of Homeland Security (DHS) said on Tuesday.

Colonial Pipeline Shuts Down after Cyber Attack

Top U.S. fuel pipeline operator Colonial Pipeline has shut its entire network, the source of nearly half of the U.S. East Coast's fuel supply, after a cyber attack that industry sources said was caused by ransomware.

Iran Checks Cyber Security at Key Energy Sites

Iran has launched an inspection of security at its key Gulf oil and gas facilities, including preparedness for cyber attacks, the Oil Ministry news agency SHANA said, following media reports of Washington weighing possible cyber attacks on Tehran.

Pipeline Cybersecurity Protection Legislation Moves Forward

House Democrats and Republicans have had trouble agreeing on a pipeline safety bill so far this year, but a second bill on pipeline security faces no such problem.

Armed Drones Attack Oil Pumping Stations on Saudi Pipeline

Saudi Arabia said armed drones had struck two oil pumping stations on a pipeline Tuesday in what it called a "cowardly" act of terrorism two days after Saudi oil tankers were sabotaged off the coast of the United Arab Emirates.

Malicious Use of Artificial Intelligence in Cybersecurity

Recently research on artificial intelligence underscores the fact that AI has no inherent ethical bias. The same technology that could, in principle, allow AI to identify and treat an injured person, could equally be trained to identify and harm members of specific groups.

Lawmakers Urge US Agency to Bolster Pipeline Cybersecurity

Two Democratic lawmakers urged the Department of Homeland Security to better protect U.S. oil and gas pipelines from cyber-attacks, after a report they requested detailed a lack of federal oversight of the critical conduits.

Lawmakers Urge U.S. Agency to Bolster Pipeline Cybersecurity

Two Democratic lawmakers urged the Department of Homeland Security to better protect U.S. oil and gas pipelines from cyberattacks, after a report they requested detailed a lack of federal oversight of the critical conduits.

Securing Open SCADA Systems for Pipeline Operations

Traditional SCADA systems used pipeline operational control are vulnerable in at least three main areas: operational information, production data and control logic. The more openly this data flows, the more cost-effectively the plant can be run, so there is much to be gained by securing the data exchange.

The Next Generation of Cybersecurity in Oil and Gas

Many oil and gas companies are operating networks of machines, people and applications that are vulnerable to attack. Protecting these systems requires a different IT security model than many other businesses.

Defending Critical Infrastructure from Cyberattacks

Critical infrastructure provides the essential services that society needs to survive – clean drinking water, power to keep homes warm in the winter, transportation to get people and goods to where they need to be. In this world of increased digitization and connectivity, cybersecurity should be of utmost concern.

The Unsinkable: A Look at Blockchain’s Potential and Pitfalls

To effectively exploit blockchain technology, industry participants need to be able to consider not only its promise but also its shortcomings. The authors explore the attributes of blockchain of particular relevance to the natural gas industry.

DOE Offers $25 Million Cybersecurity Grant Following Pipeline Attacks

The U.S. Department of Energy is making $25 million available to enhance cybersecurity in America's energy sector.