×
INTELLIGENT WORK FORUMS
FOR ENGINEERING PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you an
Engineering professional?
Join Eng-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Eng-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Petrolem Pipeline Hack
7

Petrolem Pipeline Hack

Petrolem Pipeline Hack

(OP)

How can a modern system, like this be hacked? Do they need to go back to pneumatic controls?

RE: Petrolem Pipeline Hack

Is there a link?

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

RE: Petrolem Pipeline Hack

Custody transfer must interact with the markets where customers reserve product delivery. So complete separation of IT and OT is not possible.
This makes securing the system a more complex problem.

The need for pipeline operators to pay attention has been identified for some time.
Pipeline Cybersecurity Initiative, Cybersecurity & Infrastructure Security Agency

This article is has some details about the attack.
Colonial Hackers Stole Data Thursday Ahead of Shutdown; Bloomberg, Cybersecurity By Jordan Robertson and William Turton, May 8, 2021, 10:57 PM EDT. Updated on May 8, 2021, 11:59 PM EDT

RE: Petrolem Pipeline Hack

When IT holds all the virtual keys to the castle and the moat is only full of virtual water.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

> How can a modern system, like this be hacked?

It seems in general over the last 20 years we have been very quick to take advantage of expanding digital capabilities in many areas, especially internet based commerce. But cyber security measures often have not kept pace with that expansion and cyber attackers have continued to refine their craft. We now find ourselves very dependent on a fragile cyber infrastructure.

That's just my general comment / perception about the state of things today, I have no insight into the gas pipeline situation.

=====================================
(2B)+(2B)' ?

RE: Petrolem Pipeline Hack

The clue is in the "modern system" bit. My guess is that the PC's that run the system probably run WIN95 or even earlier operating systems, long since given up by MS. Even Windows XP is no longer supported or patched.

The system probably still worked and so long as you didn't fiddle with it it just kept rolling along and avoided needing to change the bespoke software for all of the Microsoft changes in operating systems.

Remember - More details = better answers
Also: If you get a response it's polite to respond to it.

RE: Petrolem Pipeline Hack

electricpete,

I think your general comment is quite relevant. Every company, even banks, say they care about cyber security but spend almost nothing on it compared to everything else. And why should they? They get slapped with a comically small fine and the public quickly forgets about the millions of accounts with compromised data.

RE: Petrolem Pipeline Hack

Quote (LittleInch)

My guess is that the PC's that run the system probably run WIN95 or even earlier operating systems, long since given up by MS.
I'd say XP is the more likely candidate...

Dan - Owner
http://www.Hi-TecDesigns.com

RE: Petrolem Pipeline Hack

I think the problem is the result of getting the commercial end to electronically interface with the operational end, then they fire the data entry clerk that previously acted as an air gap between the two.

Even I keep one computer entirely off the net. Sometimes a PIA, but it works. Its never been hacked.




Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Our youngest son works for a company that provides recovery and remediation services for companies to protect their networks and servers. He said it's amazing how many companies just assume that it will never happen to them. He also said that technology is getting too good, that it's actually hurting companies and industry. Back when disk failures were common, everybody did daily and weekly backups. Now people think that, Oh, I have a mirror server on our network so we're good to go, not realizing that if their network gets hacked both the primary and the mirror servers are in jeopardy. He said that his company is getting rich in the current environment, and he's not doing too bad himself as he gets a salary plus a percentage of his billable hours (he also managed to get a job for his girlfriend working as a project coordinator, not actual IT work, more making sure that the customer is getting the answers that they need).

John R. Baker, P.E. (ret)
EX-'Product Evangelist'
Irvine, CA
Siemens PLM:
UG/NX Museum:

The secret of life is not finding someone to live with
It's finding someone you can't live without

RE: Petrolem Pipeline Hack

You must be referring to hacking technology, because it does not seem to be the reverse. The more they build, the more holes they seem to have. And they have holes that they claim they don't know about and reward white hats to find them, then they don't even patch them until the exploits are discovered and attacked and now have to rely on the FBI to mop up their mess. All the GOV soldiers can't even keep them at bay anymore. Its a total disgrace, to coin a phrase.

I agree with the rest. The company IT guys can hardly add a new user, never mind actually fix anything. If DOE etc. can't even keep them away, what chance do the rest of us have.

Look at the bright side. We will get to see what happens when there is no more gasoline on the east coast.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Quote (1503-44)

Look at the bright side. We will get to see what happens when there is no more gasoline on the east coast.
As an east-coaster, I'm not looking forward to any such thing 3eyes I was in FL when one of the big ones hit the coast, and lines at the gas stations were hours-long fiascos.

Dan - Owner
http://www.Hi-TecDesigns.com

RE: Petrolem Pipeline Hack

From the news..."The FBI has confirmed that the Russian criminal gang known as DarkSide are responsible for the attack that shut down America's largest fuel pipeline four days ago and sent gas prices surging - as experts fear the attack could turn a 'cyber disaster into a real-world catastrophe'.

The attack on Colonial Pipeline, which runs from Texas to New Jersey and transports 45 percent of the East Coast's fuel supply, is the largest assault on US energy infrastructure in history and has sent shockwaves across the industry."

It may not be a Russian criminal gang that did it. They've confirmed wrong stuff before... but where there's smoke...

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

RE: Petrolem Pipeline Hack

Interesting that one reaction from the present administration is to loosen some regulations on trucking to alleviate the possible shortfalls.

Numbers I get is that the pipe was doing 2.5 million barrels a day. At 42 gallons per barrel, that's 105 million gallons. Thinking that most of the trucks I see can do 7000 gallons, that's mere 15,000 trucks hauling to bypass the pipe.

Wanna be a truck driver?

old field guy

RE: Petrolem Pipeline Hack

There is a critical shortage of tanker drivers already. It apparently requires too much know how, training and paperwork. Trucks are available.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Great commentary OFG...

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

RE: Petrolem Pipeline Hack

From another source, "The FBI confirmed Monday that the culprit is a strain of ransomware called DarkSide, believed to be operated by a Russian cybercrime gang referred to by the same name." ... there's that 'believed to be'... all over again. You have no idea of what was actually said. The FBI may have said something, the politicians say another and the newsguys say something else... gets more and more confusing.

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

RE: Petrolem Pipeline Hack

Quote (1503-44)

[then they]fire the data entry clerk that previously acted as an air gap between the two

I have long advocated for an "air gap" for security purposes. Why don't other people see the same value in keeping certain steps offline?

RE: Petrolem Pipeline Hack

Quote (1503-44)

There is a critical shortage of tanker drivers already. It apparently requires too much know how, training and paperwork. Trucks are available.

Also, DOT-required health screenings that only want to allow the healthiest 5% of 55yos to drive trucks.

RE: Petrolem Pipeline Hack

I don't think I81 can handle 15000 additional trucks, even if 15,000 drivers were available.
What we know about the Colonial Pipeline ransomware cyberattack The latest on who is behind it, how it could impact gas prices and more. ByCatherine Thorbecke and Luke Barr, ABC News May 10, 2021, 4:06 PM
Colonial Pipeline said in a statement Monday that it is executing a phased plan to incrementally return to service, with "the goal of substantially restoring operational service by the end of the week."


RE: Petrolem Pipeline Hack

Think of the traffic jam...

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

RE: Petrolem Pipeline Hack

"Also, DOT-required health screenings that only want to allow the healthiest 5% of 55yos to drive trucks."

As in a monthly pee in the bottle, so that's a good thing, right?

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

They should just collect the pee bottles on the side of the road in any major port to get a health evaluation of the population. As I work in the two busiest ports on the west coast of USA, I can tell you, with a quick sniff, truckers are very dehydrated.

RE: Petrolem Pipeline Hack

In eastern NC,
some automotive gas stations are shutdown
and
longer flights are adding fueling "stop" at out of state airports

RE: Petrolem Pipeline Hack

byrdj - what part of Eastern NC? I'm in SE Virginia, and we haven't seen closures yet. But prices have spiked $0.25/gal in the past couple of days.

RE: Petrolem Pipeline Hack

How about rail transport?
Oops, all the suitable rail cars are probably being used to transport Dilbit (Diluted bitumen) past the unbuilt section of the XL pipeline.
And the fucus is shifting from Dilbit to Drubit (Diluent Removed Bitumen). Drubit tankers may not be suitable for gasoline. I don't know.

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

RE: Petrolem Pipeline Hack

I'm in Richmond, VA and some shortages at gas stations have started occurring.

RE: Petrolem Pipeline Hack

Steam warm up.

DOT just loosened trucking regs. Now you can have a toke or two?

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

...and this is just the tip of the climate change iceberg...

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

RE: Petrolem Pipeline Hack

In upstate SC. One station I drove past on the way in this morning was out of gasoline, only had diesel. The station across the street just got a delivery and people are queuing out into the road. Let the hoarding begin. Don't know if it's related but the Dow Jones Industrial average is down 500 points ...

----------------------------------------

The Help for this program was created in Windows Help format, which depends on a feature that isn't included in this version of Windows.

RE: Petrolem Pipeline Hack

If there wasn’t shortages, there will be as soon as people start to worry there might be.

RE: Petrolem Pipeline Hack

Dow Jones hasn't related to reality since their tax break. Colonial is a private company, so no direct impact to D&J. Maybe they're finally figuring out that C19 isn't going to magically disappear on 4th July, the Tokoyo Olympics will be postponed, or ... maybe that interest rates can't stay at zero forever. Take your pick.

Anyway...
I'll crowd source this link to a kmz file I was making of Colonial. I have one line pretty much filled in, along with some bits and pieces of 3rd party facilities nearby. Feel free to fill in more details.

https://www.dropbox.com/s/zurzo3c2ve46sx6/COLONIAL...

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

2
My company does control and SCADA systems including some pipelines. I can tell you that these systems are not updated until some addition or expansion is performed to the pipeline.

RE: Petrolem Pipeline Hack

SCADA itself is kind of low wear and tear. Who's to know when software needs an update, other than some obscure IT guy. Its not like it gets hot and refuses to work anymore.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

I wouldn't be surprised if it's linked to the current nonsense trying to kill Nordstream 2.



RE: Petrolem Pipeline Hack

How does that go ..payback are . a..

Nice conspiracy theory. I like it! Fits perfectly.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

So I just had to run a couple errands...Southeast Virginia has gone nuts, too. The line at the gas station was probably the better part of 45 minutes long...

RE: Petrolem Pipeline Hack

I wonder how many of those people are sitting there with their cars running and AC blasting...just burning gas for no good reason. (I realize it's not much, but I still find it funny...)

RE: Petrolem Pipeline Hack

I turn off my car (and roll down the windows) when I'm waiting in line to fill-up at Costco, which BTW, when I filled-up yesterday, they had not raised prices from about 10 days ago. Granted, here in SoCal, gas prices are already high (I paid $3.759/gal for regular).

John R. Baker, P.E. (ret)
EX-'Product Evangelist'
Irvine, CA
Siemens PLM:
UG/NX Museum:

The secret of life is not finding someone to live with
It's finding someone you can't live without

RE: Petrolem Pipeline Hack

Almost exactly = $1/liter.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Quote (1503-44)

As in a monthly pee in the bottle, so that's a good thing, right?

I have no problem with drug testing, but they also want to verify that you have a healthy blood pressure. Only, once they decide that they need to prevent truck driver strokes, they go too far and write the regs to require near-perfect health to pass the test. Typical American overdiagnosis of problems.

RE: Petrolem Pipeline Hack

Quote (byrdj)

like the lines forming around Raleigh NC

How about pay 5 cents a gallon more and buy gas elsewhere, not Costco?

RE: Petrolem Pipeline Hack

Here in SoCal, the difference between the price of gas at Costco versus a normal brand name station is approximately 50 cents a gallon.

John R. Baker, P.E. (ret)
EX-'Product Evangelist'
Irvine, CA
Siemens PLM:
UG/NX Museum:

The secret of life is not finding someone to live with
It's finding someone you can't live without

RE: Petrolem Pipeline Hack

Quote (NOLAscience)

How about pay 5 cents a gallon more and buy gas elsewhere, not Costco?

Well...since you have to have a membership to buy from Costco...I imagine the other gas stations have even longer lines. The 7-11 near me was in a similar state this afternoon, and I live in an exurban, almost rural area.

RE: Petrolem Pipeline Hack

Sorry, I was being a little flippant. And the difference is currently 0.20 a gallon here.

RE: Petrolem Pipeline Hack

Quote (1503)

Nice conspiracy theory. I like it! Fits perfectly.

It could be the other way round and home grown and its linked to keystone getting cancelled.

RE: Petrolem Pipeline Hack

Homegrown works. The Trump admin delayed the Nordstream pipeline. It seems the Biden admin is allowing it to complete. I don't see any reason Russia would be involved today.

RE: Petrolem Pipeline Hack

They are not allowing it to complete but it will be completed anyway.

There is a raft of western Companies getting hit with sanctions and they have just been ramped up. Russia is completing it using Kaliningrad and St Petersburg as bases with 2 Russian pipe layers.

Apart from blowing it up they won't stop it I suspect. Although quiet how they expect everyone to walk away from a 2 billion dollar project with only 5% left to complete is anyone's guess.

RE: Petrolem Pipeline Hack

I think its more like $8B, no. And it is basically Germany and Austria that will have to walk away from that money, as they are the key investors in the project. Plus it will inflate the cost of future gas purchases they planned to make for the coming 20 years and give them no choice, but to buy from an even more insecure source than Russia. Trump has taught the EU, that policy can always revert to "America First" at the rise of a single red hat.

The proposals and initial calls for sanctions, as I recall, were begun during Obama administration by the same Texas senators that are still behind it today. Unfortunately for German-Austrian interests, the sanction song plays well in the US and Democrats are dancing along with the rest listening to the words, more export sales, more jobs, more taxes while ignoring potential damage to foreign relations with friendly allies and not mentioning the fact that domestic gas prices are rising when they should normally be falling during spring slack time, supported entirely be gas purchased for the blooming export market. So Americans will also pay the price for the sanction policy ... one way or another. And Ukraine will finally get the $300M they were expecting from Trump, to calm their potentially lost revenue from gas transport fees from Russia, but this time they won't have to send any dirt in return.



Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

So, the FBI somehow missed cleaning up MS Exchange Server's vulnerability? They did as many as they could, without even obtaining a court order to invade company systems to do it. (I'm not particularly saying that's bad in these cases. They are supposed to protect and serve. What I'm saying is that MS is selling crap works with errors that they won't fix on their own and the public is paying the price.) How did they miss Colonial?

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Well there is system vulnerability and there's also the VPN connections into the servers using easily guessed e-mail addresses and possibly passwords.

Then I would imagine it's easy to fiddle around with things, especially if you discover one of the administrators is now working from home and remoting in all the time. Sometimes the passwords the admin staff use are the simplest of the lot to crack...

There was something in that tweet about the fact they didn't have two factor authorisation, but that can be hacked as well or amended.

Remember - More details = better answers
Also: If you get a response it's polite to respond to it.

RE: Petrolem Pipeline Hack

Yes, in a lot of cases they are not so much hacking the systems as they are the people running them.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Work locked down a lot of things after some sites were shut down over the same thing- ransomware. Things used to be easy going but now locked up tight, and training on the sorts of social engineering people use to get you to open stuff or disclose information.

RE: Petrolem Pipeline Hack

It's not always an easy task to keep software updated. If everything is MS Office, then it's no problem. When you have lots of vendor's software that has to all play well together, not so much. It's not like updating your PC or cell phone. I am not able to willy-nilly apply software updates. I have to know that everything has been tested together first and that the appropriate compatibility scenario is published by the vendor.
Also, if this was really a ransomware attack, then it's likely the hackers/vandals didn't target a specific system, but rather, they just throw their stuff out there and hope to hit something they can make a buck on. They don't know if they hit a gamer's PC or Chase Bank's databases.

Brad Waybright

The more you know, the more you know you don't know.

RE: Petrolem Pipeline Hack

I mentioned earlier about our youngest son who works for a company that helps organizations recover from hack attacks and such. I was talking to him yesterday and I learned that his division, which only deals with customers who have already been attacked or are victims of ransomware (they have another division which works with companies to harden their networks and firewalls) that they work for the insurance companies that are covering a companies liability. The company they're helping is not paying the bill, the insurance company is, and so all they do is recover what they can of the situation. My son describes it as applying a tourniquet, amputating the infected 'body' part and then restore what they can from the corporate back-ups, if they exist. At that point, their job is done. If the company wants to harden their network against future attacks, that's not covered by the insurance companies and therefore, they're not allowed to spend any time on that effort. They have to turn it over to the other division and then it's up to the original customer to pay for that themselves (the insurance company has met their contractual agreement). Note that he said that they're trying to get a piece of the Colonial Pipeline recovery effort and that their 'sales staff' is already negotiating with the insurance company.

John R. Baker, P.E. (ret)
EX-'Product Evangelist'
Irvine, CA
Siemens PLM:
UG/NX Museum:

The secret of life is not finding someone to live with
It's finding someone you can't live without

RE: Petrolem Pipeline Hack

@1503-44- Thank you for that single line :) Makes piecing together what happened easier.

Any idea at what pressure the pipe lines operates at? Or the pumps involved? From Google earth it looks like these stations take subtranmission or transmission level voltages to operate- transformers in the 15-25 MVA range. That is some energy to move all that energy lol.

RE: Petrolem Pipeline Hack

Typical operating pressures of Cross Country oil, refined products and gas transmission lines generally range from 750 to 1440 psig (apx. 100 Bar), with compressor or pump stations usually required about 50 miles apart. Distance between stations for liquid lines can vary significantly. Due to the higher density of liquid vs gas, pressure vs height of terrain can have major influence over pump station locations, some using almost all of their power just to provide lift, whereas pump stations in flatland only need to overcome flow generated friction. Friction of gas lines is normally the only real concern, so distances between compressor stations can be more constantly spaced, unless flow into or out of the systems change. I have not gotten to the point of estimating the amount of power they use on their system, but that could be an entertaining exercise for this evening.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Quote (moon161)

training on the sorts of social engineering people use to get you to open stuff or disclose information.

All the training in the world cannot protect against social engineering. A few years ago, the military did a study in which they provided extensive training about how to identify and avoid social engineering traps such as bad links and malicious attachments. When the participants were tested -- within a day or two of the training -- many fell for the trap! And it only takes one.

Bottom line -- we need to isolate these systems.

RE: Petrolem Pipeline Hack

Quote (FacEngrPE)

vulnerable, outdated version of Microsoft Exchange

It's amazing that you can hack a mail server and calendaring server and gain control of a petroleum pipeline.

RE: Petrolem Pipeline Hack

Not so amazing with things like this going on.
https://www.wired.com/story/apple-execs-chose-to-k...

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Quote:

It could be the other way round and home grown and its linked to keystone getting cancelled.
I think that some top brass at TC Energy are breathing a sigh of relief.
They don't have to continue with their multi billion dollar white elephant.
There have been a lot of problems, not the least being TC's flawed environmental submissions.
As the challenges and the delays continued, the market was changing.
The market changed from Synthetic Crude to DilBit, (Diluted Bitumen) to DruBit. (Diluent Removed Bitumen)
DilBit started to be transported by rail.
Then came DruBit.
While the XL could carry DilBit, it could not handle DruBit.
Comparing Crude to DilBit, the diluent is often returned to the source for re-use.
DilBit is 30% diluent or more. To transport 100 barrels of bitumen requires an additional 30 barrels of diluent.
Then that 30 barrels will often be returned for a total of 160 barrels moved for 100 barrels delivered.
That's about 62.5% product delivered versus material handled.
While energy is not the only cost, the energy cost of moving oil by rail is less than the cost of moving it by pipeline.
The economics of the XL have changed significantly since the project was first proposed.

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

RE: Petrolem Pipeline Hack

Ranking transport economics of crude usually come in, from lowest to highest cost, with estimated relative costs (from EIA) at,
Ocean tanker $1/bbl
Pipeline $5/bbl (my note: this is $5 in North America, up to $10+/bbl in Africa)
Rail >$10-15
Truck road tanker >$10-20

Probably based on a haul of 1000km to 1000 miles.
That also generally agrees with proprietary data I've seen in Platts, but not covering trucking.
If you have some conflicting data, please post it.



Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Looks good to me.

I've always worked on a ratio from tanker of 1: 4:7:10 for pipeline, rail, road so your figures look OK.

Variable obviously by location, distance etc.

Remember - More details = better answers
Also: If you get a response it's polite to respond to it.

RE: Petrolem Pipeline Hack

Ocean tanker rates can have more variation, because not being a fixed location asset, they can ply the market. But relative to other transport modes, they are always cheaper, as long as you don't have to build a canal for them. After all, that is the primary reason that the largest refineries are built on the oceanfront and that crude pipelines almost always connect to a marine terminal somewhere.


The US has 42,774 miles of interstate highway. API reports that cross country oil and product pipelines total 190,000 miles and 305,000 miles of cross country natural gas pipelines. Pipelines must have cheaper transportation rates, or those numbers would be reversed, right? Rail totals less than 100,000 miles.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Quote (NOLAscience)

It's amazing that you can hack a mail server and calendaring server and gain control of a petroleum pipeline.
It's just provided the door to get in. You can do the same thing with a PDF, Word, Excel, JPG, or almost any other type of file that somebody opens unwittingly.

Brad Waybright

The more you know, the more you know you don't know.

RE: Petrolem Pipeline Hack

Some related questions:

If the ransom was paid in crypto currency, will this become the example that causes gov't to restrict anonymous crypto and only support centralized named crypto?

Did the hack cause a fail-closed of the pipeline valves, and did that cause a waterhammer event in excess of design? A similar issue occurred in 1999 in bellingham washington when they switched servers and the new server restart led to fail-closed of valves, overpressuring the pipe due to waterhammer.


"...when logic, and proportion, have fallen, sloppy dead..." Grace Slick

RE: Petrolem Pipeline Hack

There is no report of any extent into operations. Data only... so far.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

The USD Group started shipping Tar Sands DilBit by rail in June of 2014.
They have since expanded to also ship DRUBit.
Google tells me that the capacity of a C&I (coiled and insulated) tank car is 29,000 gallons.
USDG's Hardisty Terminal has the capacity to load 420 Cars per day.
That's a capacity of over 12 million gallons per day.
USDG's Hardisty Terminal is about four miles from Gibson Energy's Hardisty Storage Facility with direct pipeline connections.
XL delays did not delay bitumen shipments, and rather than job losses jobs were transferred to this other sector.
The heavy oil is moving south despite the XL delays.
Any contracts to move oil via the XL have long since been invalidated due to inability to perform.
I suggest that if the XL were completed tomorrow, it may be years before the owners are able to show a profit.
As I said;
"Thank you President Biden, for giving the executives responsible for the XL an excuse to take to the board of directors and the stock holders."

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

RE: Petrolem Pipeline Hack

I have to see it in bbls. 12MM gpd = 300K bbls/d. 30% diluent, so 200K of net oil.


Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

They are shipping more and more DRUBit, so 300k bbls/d = 300k bbls/d net when shipping DRUBit.
And the diluent is often returned, so 200K of net oil + 60k diluent + 60k diluent taking up pipeline capacity being returned = 320k gross.
The point is that rail shipping and DRUBit have changed the economics of the XL.

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

RE: Petrolem Pipeline Hack

Thanks for the info! :) 5000 HP motor would draw something like 4MWs of power. That is a lot!

RE: Petrolem Pipeline Hack

Compared to Sweden you are way behind 7,15 USD/gal or ca 15,5 SEK/l or 1,55 EUR/l.

/A

“Logic will get you from A to Z; imagination will get you everywhere.“
Albert Einstein

RE: Petrolem Pipeline Hack

Quote (dgallup)

Don't know if it's related but the Dow Jones Industrial average is down 500 points ...
Could also be because Bill och Melinda Gates are getting a divorced, they are afraid it will upset the whole world economy. winky smile

/A

“Logic will get you from A to Z; imagination will get you everywhere.“
Albert Einstein

RE: Petrolem Pipeline Hack

What appear to be upsets to the usual transport mode rankings might be observed in an area, for example, when pipeline capacity in the oil field region is non-existent, or is there is no more available pipeline capacity in the area (actually more common), and if a railroad is already nearby. Rail and truck may be the only transport option available in the short term, but that is also when railroad and trucking rates tend to increase, so it becomes hard to distinguish between seeing rail and trucks doing transport, assuming it is the cheapest option, solely because that's what you see on the surface, but actually it is a temporary condition that will dissappear as soon as pipeline capacity becomes available. I guarantee that the rails and trucks are not doing it for cheap. They jacked up the rates to make it worth all the expenses of keeping iron moving around the countryside, rather than setting it in the ground and not having to push it around at all.

Dilbit ain't easy.

In 1997 I was working in Venezuela desiging two 128 mile long hot heavy oil (bitumen/diluent) pipeline and diluent return line for Maraven's Orinoco Heavy Crude. We could take diluent delivery at the marine terminal to fill the diluent pipeline and it transported that up to the oil field. There the diluent was blended the heavy and heated to 70C. It went back to the coast to the "Upgrader" in the dilbit pipeline, where the "dil" and the "bit" were separated and the dil put back into the dil pipeline to complete the loop. I'm not sure, but I think it could have been one of the first long hot oil pipelines. At least it was a first for me and for Venezuela. The bitumen had a SG of 0.97, almost as heavy as water and by itself was a solid at 20C. I say a "hot oil" pipeline, because only the dilbit was heated once at the oil production facilities. The pipeline itself was not heated with a tracing, nor was it insulated by anything other than the surrounding soil. It made for an interesting deesign optimization problem.

Even the diluted mix was extremely viscous at ambient temperatures, but with enough heat, we could get it flowing pretty much like a normal crude....eventually. The problem was starting up the pipeline. On first start, when it was cold, we could manage to fill the line, but the surrounding soil cooled the dilbit off, starting at the outer region of flow near the pipe wall. If we did not flow into the pipe at a certain rate, we'd wind up with a thick sticky oil flowing slowly against the pipe wall and a warmer core flowing inside it, but that increased pressure and reduced flow a lot. It was a problem if flow stopped. The oil would cool and become almost solid, effectively plugging the pipeline. Since the pipeline was not heat traced, to prevent that, we started looking at various mixes of the diluent, which were from the western Venezuela oil fields where the crude was much lighter then the Orinoco's. I found a hi-diluent mix that improved the low temperature flow, but it reduced the net oil export flow too much. Reducing the dil quantity, increased the pressure needed to start and run the pipeline. I had to balance net oil export quantity, dilbit pipeline operating temperature, startup pressure, pump power, flow rate, diameter and construction costs for both pipelines. Another consideration came to light. The soil heat capacity changed with the seasons. Rainy weather in "winter", increased the soil's heat capacity and upset the thermodynammic equilibrium, which moved the pipeline opeation off the design flowrate, pressure and power settings.

Eventually I had to increase pipeline pressure to move the selected mixture, but that was only needed during startup. After a week of hot oil flowing in the pipeline at very slow rates, the soil around it would begin to reach equilibrium and the flowrate would start rising. The pressure required would also start dropping to about half of startup needs. We would have to add flow control and power reduction ability to keep net oil flowrates from exceeding production capacity. That also affected pump selection. Could we find a pump that could give us less than half flow at very high pressures and design flow at design preessure. We did when I found that configuring the pumps to run in both series and parallel. That worked perfectly. We would operate in series mode for one week, until flow rates started rising and pressures started dropping, then we would switch to paralled flow, double the flow rate and reduce pressure to half. It would then take 30 days to reach the ultimate flow rate. No VFDs needed, even for such a wide variation of conditions. We could still operate very close to the pump's best efficiency points as well. I still have extreme suspicions about the need for VFDs to this day. I can usually find a way to get rid of them. There is only one typical case scenario where I actually found VFDs more or less useful, but it was for irrigation use and definitely not involving pumping from a well to the surface.


Link to Google Earth KMZ for the Petrozuata Venezuela Extra Heavy Oil Project (Conocol and Maraven in 1997)
Don't know who is running it today, if its still there at all.



Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Well that's fascinating for me at least!

I had something like that for the waxy crude line in Sudan. The advantage there was the ground temperature was very high, but the key was keeping it moving. I did a transient heat up study for start up and discovered the ground heated up to more or less steady state in about 2 days as it was also uninsulated. We had a rather strange and unproven design to move some fluid back and forth (Yo-Yo) to maintain some level of shear in the fluid to prevent it gelling if the line stopped for >6 hours. No idea it it would work but that idea cam from the client so we went with it....

I think you're right on the VFDs for a fair number of the applications they are used for. It's too easy to pluck it out at concept stage and say it will cure all ills.

Remember - More details = better answers
Also: If you get a response it's polite to respond to it.

RE: Petrolem Pipeline Hack

Guess I felt like writing today.

Especially with pipelines when you need some partial flow capability and reliability anyway. With more than one or two pumps, there's a lot of flow rate turndown that you can do within efficient ranges. With four pumps you can be near enough BEP to do 1:5 and not be able to pay for a VFD with any savings. With one pump, no reliability or availability requirements, but you need a rull flow range and P varies with Q^2, or electric only drive specified, OK, VFD 24/7. IC engines make for a poor man's VFD anyway. More fuel, more speed. Its not often that we don't have fuel available at the suction flange.

Back and forth hey? Between North and South Sudan no doubt. smile

At least the waxy oil is lighter, but it does get solid when it cools. As you know, for Kenya we didn't look at if it could be pumped out at twice the pressure, and it was already a high pressure line anyway, but I doubt it was possible. There was "some presupposition" that the pipeline would have to be heat traced, like the India pipeline, so that was never looked at as far as I know.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

local news (raleigh, nc)
Friday could be the most difficult day yet to find gas – around 72% of NC gas stations were out of gas.

RE: Petrolem Pipeline Hack

Does anyone know if the XL line included a diluent return line? I don't think so. but I don't know for sure.

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

RE: Petrolem Pipeline Hack

I have never heard of any return line associated with XL or Keystone. If there is a continuous stream of diluent oil available in the production area, there would be no need to loop back the diluent to the field. In Venezuela, the diluent was in the Lake Maricaibo area and Orinoco is a long distance away. It was cheaper to build the diluent loop, fill it once, and have an upgrader, than to arrange for a continuous supply of diluent at the oilfield. All the Orinoco oil is on the very heavy side. And there is a lot of it. More oil than in Saudi. There were some experiments done with making an emmulsion with water and exporting that to burn in oil-electric generators, but nobody liked it much. It was very messy and hard to deal with the water. I don't think it ever caught on, hence the switch to diluent based transport.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

$5 Million ransom paid.. Only

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Its not so much the hackers. If you leave money on the table, we know that its pretty much going to disappear one way or another. So we don't knowingly leave money on the table.

This is the real problem. WE KNOW NOT TO LEAVE MONEY ON THE TABLE and we expect our software not do it either. How can we tell when they sell us an insecure application? Most of the time, they seem not to know either and if they do, they don't care, or don't want to tell us. So we have to cover their A$$ and encrypt our data before someone else does. That does not seem like the solution to the problem. Its a band aid for the developer's A$$. Should developers be forced to shoulder the responsibility for their crap insecure software?

Shift right: Developers knowingly release insecure applications, says report
https://portswigger.net/daily-swig/shift-right-dev...

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Just keep the intruder’s hands off of it. App security is important, but if nobody can get to it it will be more secure than anything an adversary has unlimited time to study.

I’ll see your silver lining and raise you two black clouds. - Protection Operations

RE: Petrolem Pipeline Hack

It makes it harder to use when you have to keep it locked up. Do you buy a car to keep it hidden away in the garage?
Is there some reason you are presenting that strategy? I'm not especially interested in a work around for bad software.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Simple, disconnect your operating systems from the web.

Concerns here reach all the way to wireless mouse concerns.

RE: Petrolem Pipeline Hack

Colonial Pipeline announced that that one of its main lines, Line 4, which runs from Greensboro, North Carolina, to Woodbine, Maryland, is operating under manual control for a limited period of time while existing inventory is available. The company is developing a plan to restart Lines 1, 2 and 3.

“As previously announced, while our main lines continue to be offline, some smaller lateral lines between terminals and delivery points are now operational as well,” the May 10 company statement said. “We continue to evaluate product inventory in storage tanks at our facilities and others along our system and are working with our shippers to move this product to terminals for local delivery.”

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

I am wondering;
Did the hack affect the physical control of the pipeline. or was it directed at the accounting servers so that revenue information of the volume of fuel delivered and/or billing for deliveries was compromised?

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

RE: Petrolem Pipeline Hack

They have not admitted that ops were affected. Their restart plan suggests otherwise.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

Quote (FacEngrPE)

Should you want to find the pipelines near you, see the National Pipeline Mapping System Public Viewer
It's a bit cumbersome to use, as the map only displays pipelines, one county at a time,

It's even more cumbersome than that, as only the states Alabama through Hawaii are available on the drop-down menu. I tried in Google Chrome and in Edge. Any advice?

RE: Petrolem Pipeline Hack

Its messed up. Click on the drop down box, then use your arrow key to scroll down to Wyoming.


Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

The dropdown goes up, then you need to slider up and down to get the "state or federal waters category, then do the same thing for the county. They (the programmers) could have done a better job with the user interface.

RE: Petrolem Pipeline Hack

I hate the limited zoom detail that the public viewer has. They say it is to prevent terrorists from discovering exact location of critical facilities, however if you open Google Earth and zoom in, you can see every detail in most cases. Then if you go to Street View, you can almost pick the locks on the gates. That reason for limited zoom is simply total b.s.

It seems like the only thing you need to know to some real damage is an IP address or two.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

The ransomware didn't affect the SCADA. It crippled the IT business processes of Colonial Pipeline's system. This was no Stuxnet, but just a simple off-the-self ransomware attack, that happened to smash an integral part of Colonial Pipeline's operations. Dragos put out this commentary about it Trying to secure critical infrastructure is a wicked problem, and neither the IT cyber guys nor we engineers are good at it.

Steve Griffing
PE(CSE), CISSP-ISSEP, PMP, PSP, CEH
ICS Security Engineering
Griffing Technology LLC

RE: Petrolem Pipeline Hack

Thanks for the clarification Steve.

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

RE: Petrolem Pipeline Hack

I imagine that they lost track of all their scheduled receipts and deliveries, to/from whom and to where and when for at least a 30 days lookahead.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

RE: Petrolem Pipeline Hack

DHS directive for pipeline security.
https://www.pipeline-journal.net/news/new-directiv...

"The company halted operations because its billing system was compromised, three people briefed on the matter told CNN, and they were concerned they wouldn't be able to figure out how much to bill customers for fuel they received. One person familiar with the response said the billing system is central to the unfettered operation of the pipeline. That is part of the reason getting it back up and running has taken time, this person said."


Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Eng-Tips Forums free from inappropriate posts.
The Eng-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Eng-Tips forums is a member-only feature.

Click Here to join Eng-Tips and talk with other members! Already a Member? Login


Resources

Low-Volume Rapid Injection Molding With 3D Printed Molds
Learn methods and guidelines for using stereolithography (SLA) 3D printed molds in the injection molding process to lower costs and lead time. Discover how this hybrid manufacturing process enables on-demand mold fabrication to quickly produce small batches of thermoplastic parts. Download Now
Design for Additive Manufacturing (DfAM)
Examine how the principles of DfAM upend many of the long-standing rules around manufacturability - allowing engineers and designers to place a part’s function at the center of their design considerations. Download Now
Taking Control of Engineering Documents
This ebook covers tips for creating and managing workflows, security best practices and protection of intellectual property, Cloud vs. on-premise software solutions, CAD file management, compliance, and more. Download Now

Close Box

Join Eng-Tips® Today!

Join your peers on the Internet's largest technical engineering professional community.
It's easy to join and it's free.

Here's Why Members Love Eng-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close