Reports show that U.S. energy companies reported more than 350 cybersecurity incidents to the U.S. Department of Homeland Security between 2011 and 2015. Pipeline companies are included in that statistic.
Last week, Energy Transfer Partners (ETP) notified its oil and gas shippers that its pipeline network system was hacked. According to ETP, the hacking targeted an ETP contractor that manages the ETP system, ETP was not hacked directly. Further, the hacking did not affect the actual pipeline system, but targeted the electronic data interchange system that facilitates transactions regarding oil and gas movement through pipelines.
The incident is presumed to have been focused on gaining pricing information for competitive advantage as opposed to disruption of the pipeline. Nonetheless, it shows the importance of vendor management.
Four other gas networks shut down their communication networks in the last week as a result of cyber-attacks. One natural gas pipeline company disabled its communication system as a precaution after a third-party provider was the target of a cyber-attack. Three others reported communications breakdowns with customers and websites that are hosted by third-party companies. The Department of Homeland Security is investigating.