Pipeline down

[newnan man]

So I'm trying to figure out about this pipeline hack that took a major fuel pipeline down for several days. Maybe I'm really out of touch with how things are done. Wouldn't you think all the brainiacs would have manual redundancies built in so they could pickup the phone and say hey Joe get over to so & so valve with a crew and open the damn thing back up. It is a big pipe, it has valves. Are they all at the mercy of some pimple faced hacker? Something stinks here and again I don't believe any of the BS they're shoveling my way.

 

Amazon Forum Fav 👍

Diving for Pleasure and Treasure - Grab it through Amazon!

[controlfreq]

My understanding is the billing system was affected, they had no way to track and charge usage but haven't been watching it that closely.

 

[islamoradamark]

cant believe we only have one pipeline

 

[Travis798]

Probably something to do with the inability to meter the product for billing and the inability to remotely monitor the pipeline. Pipelines have evolved into highly complex transportation systems. They aren't just "flow product from point A to point B". A single pipeline can branch out in many directions with taps in place to allow customers to pull product out of the line along the route, while other suppliers add product in. The pressures of pipelines are not static. They are constantly changing. Control valves account for these changing pressures by automatically opening or closing the valve to keep the pressure consistent.

Pipelines have evolved into highly complex methods of transport that are monitored and adjusted 24/7. As someone who has been in the business of pipeline construction for nearly 20 years, with the last 4 years inspecting the construction of pipelines, even I can't claim to know all the ins and outs of them. Laws can be complex in certain issues, requirements differ based on what product is being transported, etc. If I hydro test a new pipeline to 2100 psig, the max is will be allowed to operate will probably be somewhere in the neighborhood of 1440 psig. You can't ensure maximum operating pressure without the ability to continuously monitor that pressure. Having guys go stand in the middle of nowhere 24/7 to watch a gauge, in multiple locations along the route, probably at least every 10 miles or so, probably never even crossed their mind. They are much, much more than a long run of pipe with valves at the ends.

All along the route you will find sites with power for instrumentation, back up batteries to continue operation in the even of a power outage, solar panels for equipment, back up generators, etc.
Pipelines have evolved and flourished with technology, making them safer and more efficient than ever, but as with anything dealing with technology, that also comes with potential drawbacks and complications.

 

[Red-Coat]

What a sceptical world we live in. Colonial don’t have just a ‘pipeline’. They operate a sophisticated system of pipelines with branched sublines supplying diesel, petrol and jet fuel. The network has a high digital dependency. Not just pumps and valves but thermostats, remote sensors plus a whole bunch of other things including robotic devices known as ‘smart-pigs’ that travel through the pipelines to check for anomalies and issues that could compromise the safety of the system.

A hacker that has infiltrated the digital infrastructure of a system like that doesn’t even need to take it over or lock out users to shut it down. Simply interrupting the data flow, or encrypting the reference data already collected, or disabling the software which analyses it can be enough to force the operation to cease if it can’t be guaranteed to be running safely.

Initially, Colonial drafted in dozens of engineers to ‘walk’ the pipelines and conduct manual operations and checks as well as deploying helicopters for inspection but it’s a huge system with hundreds of miles of pipelines and they were fighting a losing battle to keep it running at its usual throughput. The shortages would have been worse if they hadn’t also expanded their fleet of delivery trucks in an emergency auxiliary operation.

The simplest way to protect operational technology of any kind is to keep it offline, with no link to the internet at all, but the drive for efficiency has increasingly led to this being an untenable position. Traditionally, businesses relied on a set-up known as ‘air-gapping’ where critical systems were run on separate internal networks which weren’t linked to outward-facing IT. Increasing complexity has also led to that being an outmoded way of operating, connectivity is king, and most high-tech businesses run with everything connected to a central system in one way or another.

The DarkSide hackers began raking in millions from companies and organisations in 15 or more countries, stepping up their activities from around August last year. When those who are targeted pay up (and Colonial allegedly did) it only offers further encouragement that blackmail by ‘ransomware’ is profitable.

Ireland’s health service was crippled by a cyber-attack yesterday (also believed to be DarkSide) and the country’s HSE was forced to shut down the IT systems controlling medical appointments, hospital admissions and Covid vaccinations among other things. They’re adamant that they won’t pay any ransom and have resorted to ‘pen and paper’, but you can imagine what the effect of that will be if it goes on for a significant time. Fortunately, it’s being said that the hackers tried, but failed, to lock users out of the back-up server such that all but the most recent data might be restored in the next few days. Lets hope so.

 

[releventchair]

Internet security defenses cost.
The risk of not investing in the best security's cost is weighed against the odds of being hacked.
And there are companies who realize that lax security matters , after they get hacked.

What's more , what can a security team do when a foreign source is located as causing a hack , or hacking attempt? The answer to that is part of why hacking continues as a popular ransom potential.

It is not a one time protection of a security team. It is a constant evolving of defense. And that takes a constant monitoring.

 

[Rmeav8r]

Colonial Pipeline Company paid nearly $5 million to Eastern European hackers on Friday. $5 million is not a huge sum to Colonial. To get the infrastructure back in place the Board of Director’s voted to pay the ransom.

The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.
Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.

 

[ticndig]

As long as my treasure net is not hacked I'm good. gas a plenty in rural Va.
High priced though at $2.75 a gallon.

 

[TheGreenBoy]

In my oppinion, it is a healthy attitude not to belive everyting. Maybe even anything. I use to work for a telephone company, we had two completely separated networks, one for the customers and another one for runing, maintaining and supervising the first one. To hach it, one woud require phisical access to servers, to access the servers, howewer, required strong personal identification process, followed by the report of tasks performed. The malicious activity was a daily thing on the opened network, the closed one had zero incidents. That was 20 years ago......

 

[Red-Coat]

Internet security defenses cost.
The risk of not investing in the best security's cost is weighed against the odds of being hacked.
And there are companies who realize that lax security matters , after they get hacked.

What's more , what can a security team do when a foreign source is located as causing a hack , or hacking attempt? The answer to that is part of why hacking continues as a popular ransom potential.

It is not a one time protection of a security team. It is a constant evolving of defense. And that takes a constant monitoring.

In my oppinion, it is a healthy attitude not to belive everyting. Maybe even anything. I use to work for a telephone company, we had two completely separated networks, one for the customers and another one for runing, maintaining and supervising the first one. To hach it, one woud require phisical access to servers, to access the servers, howewer, required strong personal identification process, followed by the report of tasks performed. The malicious activity was a daily thing on the opened network, the closed one had zero incidents. That was 20 years ago......

Absolutely right! It’s the same battle that banknote producers fight to stay one step ahead of counterfeiters, banks fight to protect account and credit card security, and numerous other industries too in different ways. It’s costly, and sometimes the cost of being ‘watertight’ can exceed the cost of tolerating occasional failures… until it reaches the point where a company or organisation gets a ‘hard lesson’.

If your organisation has external digital connectivity then it always has some vulnerability. Even if you operate with a closed intranet you’re still vulnerable if you buy software or accept data from a third party and also if your employees have computers with a USB input or your email system has a fallible firewall.

In the case of DarkSide, they claim to have no political affinity and in the past have openly said “it’s just about the money”. That may or may not be true, but it’s no coincidence that they operate out of Russia and have no history of attacking Russian companies or those of its allies. For those reasons, the Russian government has no interest in attempting to curtail their activities. Even if they aren’t actively promoting them, they do at least reap some benefits, whether directly or indirectly.

 

[GoDeep]

1st Corona: Within 48 hrs, most stores stockpiles of food and supplies were completely wiped out.

2nd Texas Frozen Electrical Grid: Within 48 hrs many people were already resorting to burning their own furniture to keep warm. Reserve gas and food supplies were next to non existent.

3rd Suez grounded ship: Worldwide spike in most all commodity prices

4th Pipeline Hack: Within 48 hrs, gas stations were completely dry.

What's this tell us? The world has evolved into an over consuming, overpopulated giant with no significant reserves or stockpiles dependent on a "field to mouth" and "oil well to gas tank" supply chain to feed the all consuming beast. Even small disruptions in supply send us into wreck and chaos.

We are only one major disaster away(say a worldwide drought effecting the grain belts around the globe) from completely throwing the earths population into all out post apocalyptic ruin with mass starvation, death and war.

 

[newnan man]

A lot of interesting aspects to this. Thanks to all. I will continue to be skeptical of all these issues that seem to be used against the law abiding, hard working citizens of our country & the world. Very complex indeed. Throw in evil, greed and corruption and it is a recipe for disaster.

 

[Squirrel322]

cant believe we only have one pipeline

There are lots of pipelines but I don’t think there is much redundancy in the areas they service. This hack seemed to mostly effect the states this pipeline serviced. Up here in Michigan I didn’t notice an interruption in supply or hike in price.



https://www.api.org/oil-and-natural...-natural-gas/pipeline/where-are-the-pipelines

Colonial Pipeline effected by hack -

 

[pepperj]

1st Corona: Within 48 hrs, most stores stockpiles of food and supplies were completely wiped out.

2nd Texas Frozen Electrical Grid: Within 48 hrs many people were already resorting to burning their own furniture to keep warm. Reserve gas and food supplies were next to non existent.

3rd Suez grounded ship: Worldwide spike in most all commodity prices

4th Pipeline Hack: Within 48 hrs, gas stations were completely dry.

What's this tell us? The world has evolved into an over consuming, overpopulated giant with no significant reserves or stockpiles dependent on a "field to mouth" and "oil well to gas tank" supply chain to feed the all consuming beast. Even small disruptions in supply send us into wreck and chaos.

We are only one major disaster away(say a worldwide drought effecting the grain belts around the globe) from completely throwing the earths population into all out post apocalyptic ruin with mass starvation, death and war.

It was nice to read the top 4 and it basically nothing changed in our life. Some comfort to be in the rural, where it's 45 minutes to the shopping so it makes one limit the trips in life to once every few weeks.

It just shows that most just don't know/or have the ability to even have enough to eat past the next calendar week.

Years ago we were chatting and the hacking topic came up as a member of the team was in IT dept. for a major chain (it got hacked a year later)
I queried then: "How bad is it-the attempted hacking into the system?"
Reply: "It's like standing in front of a tennis/base ball serving machine turned on high, they just keep coming at you 24/7"
I couldn't imagine what it would be today.
Yet part of me says-If a corporation has any dealings with the infrastructure/health/safety of the country they must have by law the best encryption/network security known today-period.

 

[pepperj]

Then there's line 5-that's another whole different hack/chop/BS.

 

[Treasure_Hunter]

49er, KEEP POLITICS OUT OF ALL FORUMS EXCEPT OUR POLITICS FORUM!

Eagleeye1, you are new to TreasureNet and may not be fully aware of our rules. politics are not allowed in any forum except our politics forum, please follow our rules.

 

[newnan man]

Civilization is a very thin veneer indeed. One could not begin to imagine the chaos if the worlds infrastructure when down for an extended amount of time.

 

[Treasure_Hunter]

Civilization is a very thin veneer indeed. One could not begin to imagine the chaos if the worlds infrastructure when down for an extended amount of time.

Really not too hard for me to imagine, it would be total anarchy. Picture the walking dead without the zombies just roving gangs of thugs. People who were brought up gardening, trapping, camping, fishing and hunting will fare much better than those brought up in the cities and who never learned the skills needed to live off the land.

 

[LandSeig]

By studying history you come to realize that people by nature are capable of anything that they think they can get by with. We in our short modern history have been insulated from the reality of human daily existence.

 

[ticndig]

Civilization is a very thin veneer indeed. One could not begin to imagine the chaos if the worlds infrastructure when down for an extended amount of time.

it would be hell on earth for most people , yet The many Amish families in my area seem to do just fine with no gas or electric .