Guest column/As hackers get smarter, energy industry shores up defense
America is under attack. Every day, we’re besieged by a group of enemy combatants. Nameless, faceless and spread throughout the world, this group is united by a single aim: To upend American life as we know it.
These attackers are not soldiers or terrorists in the traditional sense. They are hackers, on a mission to cause as much disruption and destruction as they can. One of their central targets is our nation’s energy grid, specifically the sprawling network of oil and gas pipelines that help power homes and businesses across America.
A successful cyber-attack on these pipelines would spell disaster. Fortunately, the energy industry and the federal government have joined forces to keep us safe and keep the lights on.
America’s 2.5 million miles of oil and gas pipelines — enough to circle the globe 100 times — operate around the clock to provide Americans with reliable, affordable energy. Almost every part of this expansive network, including pressure monitors and control valves, is controlled by electronic management systems. If hackers gain control of these systems, they could easily cause explosions and fires, putting not just the pipelines, but the lives of the people who operate them, in danger.
A report released last year by Connecticut’s Chief Cybersecurity Risk Officer showed that attempts to hack public utilities are increasing in frequency and sophistication, making them harder to combat.
Luckily, we have a strong defense. Pipeline companies make sure that computers connected to the energy grid are as protected as possible. Pipeline employees can’t connect USB drives, download unsanctioned applications or even use the Internet for non-work-related things. It may sound basic, but a good first line of defense is essential for warding off attacks.
Pipeline companies also coordinate their defense efforts across the industry. That’s why in 2014, energy companies helped form the Oil and Natural Gas Information Sharing and Analysis Center, a hub where energy companies and cybersecurity experts from the Departments of Energy and Homeland Security come together to share defense strategies and give at-risk energy producers the tools to stop hackers in their tracks.
Constant vigilance is important. When one pipeline is attacked, an alarm goes out to every node in the nation’s energy network, alerting every pipeline operator, driller and power plant to be on the lookout for a potential attack. The alert gives them time to shore up their defenses.
Since the early 2000s, the energy industry also has worked hand-in-hand with the United States Coast Guard, which oversees the cybersecurity regulations for all marine terminals that handle incoming shipments of unrefined petroleum, petroleum products or liquefied natural gas.
More recently, members of the energy industry partnered with the Departments of Energy and Homeland Security to develop guidelines for keeping pipelines safe from cyberattacks and mounting the appropriate response should such an attack occur. These aren’t broad “one-size-fits-all” action plans, but rather detailed measures that instruct cybersecurity professionals how to best protect their infrastructure. They provide step-by-step instruction on how to create a cyber defense that is all but immune to attacks.
Armed with the latest cybersecurity innovations from the private sector and the federal government, America’s energy industry is working diligently to ward off hackers and keep our homes warm and bright.
The hackers may be getting smarter, but so are we.
(Washington is a decorated Air Force veteran, an Emmy-nominated TV personality and the host of the nationally syndicated radio program “Stacy on the Right.” This piece originally ran in InsideSources.)