Pipeline Shutdown

[Franklin Pierce]

'Absolute stupidity': Cybersecurity experts Condemn White House for Breaking with FBI and Suggesting private companies could Pay Ransomware Demands as gas pumps run dry amid Darkside pipeline hack

Cybersecurity experts condemned the White House after senior officials broke from the FBI's advice that companies should not pay ransomware demands, saying instead it was instead a decision for the private sector.

Specialists in computer security fear the lure of easy corporate money could trigger a fresh wave of attacks even as gas stations run dry in the wake of the Darkside attack on a major fuel pipeline.

James Knight, of Digital Warfare Corp, told DailyMail.com: 'I think it is incredibly foolish that they even suggested it.

Cybersecurity experts condemn White House for suggesting companies canpay ransomware demands | Daily Mail Online

 

[VolStrom]

I would really like to know what system(s) were hacked at this company that they can't operate pumps and valves? I'm sure pumping things through a pipeline is more complicated than I can think of, but good Lord, they are pumping petro chemicals through a pipe from one tank to another. Was this all done on a Windows XP machine? To me this a pretty straight forward process that should have used PLC's which aren't prone to being hacked and if they were can be brought back up fairly quickly. I don't get it, maybe some more hedge fund management in action.

 

[Vol737]

A stellar piece of reporting by CNN, but as usual someone has found a way into our pockets. Thanks Joe!

Gas prices: Pipeline shutdown sparks worries of $3 a gallon - CNN

An excerpt:


Why would TN run out of gasoline "during normal circumstances"?

Pure CNN bulls**t. They’re so predictably stupid.

 

[PEPPERJAX]

It would be nice if some hackers in the USA could sabotage something in Russia. A Vodka pipeline possibly if we are too dumb to disrupt their oil?

 

[headhunter15]

Well, people are going nuts in Hamblen Co. Mom called and said she waited for almost 45 minutes to get gas this afternoon at Food City.

 

[headhunter15]

 

[Vollifer1949]

 

[allvol123]

When/will East TN see possible ramifications from the cyber attack? Price increase or shortages?

I heard East TN will not see much impact at all from this situation.

 

[allvol123]

I would really like to know what system(s) were hacked at this company that they can't operate pumps and valves? I'm sure pumping things through a pipeline is more complicated than I can think of, but good Lord, they are pumping petro chemicals through a pipe from one tank to another. Was this all done on a Windows XP machine? To me this a pretty straight forward process that should have used PLC's which aren't prone to being hacked and if they were can be brought back up fairly quickly. I don't get it, maybe some more hedge fund management in action.

Similar thoughts. At some point you surely have the ability to manual override and mechanically engage operations.

 

[VolStrom]

I heard East TN will not see much impact at all from this situation.

I heard that too. We will only see a 50 cent increase in gas prices which will never go back down either. Thanks Joe!

 

[allvol123]

I heard that too. We will only see a 50 cent increase in gas prices which will never go back down either. Thanks Joe!

No worries. Joe will buy everyone a Tesla that can be charged by solar power.

 

[Rasputin_Vol]

Years ago most of the land in the right of way of the pipeline was sold to fireworks stands and go kart tracks so accidents have unfortunately been quite common.

I knew this wasn't the first time we've had gas shortages on based on that pipeline being out.

Colonial Pipeline - Wikipedia

2008
Following the passage of Hurricane Ike in September 2008, this pipeline was operating at a severely reduced capacity due to a lack of supply from refineries in the Gulf Coast that had closed, causing gasoline shortages across the southeastern United States.

• On Wednesday, October 3, 2012, Colonial Pipeline shut down line 19 and 20 in Chattanooga, Tennessee due to reports of gasoline odors. Reuters reported that about 500 gallons of gasoline may have been released.[21] The line carrying gasoline was repaired and the distillate line, which carries Diesel fuel, jet fuel and other products, was inspected and found to be undamaged. Both lines were restarted two days later on October 5, 2012.[22]
• September 21, 2015, a leak was discovered in Centreville, Virginia by a local restaurant employee. The leak was estimated to have released 4,000 gallons of hydrocarbon product over the course of the preceding 2 weeks. Product was located and removed from the downstream retention pond adjacent to a townhome community.[23]
• On Friday, September 9, 2016, a leak was detected in Shelby County, Alabama, spilling an estimated 252,000 US gallons (954,000 L) of summer-grade gasoline, requiring a partial shutdown of the pipeline and threatening fuel shortages in the southeastern United States.[24][25] This was Colonial's "biggest spill in nearly two decades."[1] It caused a "12-day interruption in the flow of about 1.3 million barrels per day of the fuel from the refining hub on the Gulf Coast to the Northeast."[1]
• On October 31, 2016, a Colonial Pipeline mainline exploded and burned in Shelby County, Alabama, after accidentally being hit by a trackhoe during repairs related to the September event. One worker died at the scene, and five others were hospitalized, one of whom later died of his injuries. The explosion occurred several miles from the September 9, 2016 breach.[26] On November 1, 2016, the U.S. Occupational Safety and Health Administration had control of the site, where the fire was still burning. The shutdown was affecting primarily the Southeast, as Northeast markets can receive some oil by water.[1] The line returned to service November 6.[27]
• In the summer of 2020,[28] a Colonial Pipeline gasoline pipeline leaked 1.2 million gallons into a nature preserve in Huntersville, North Carolina without detection.[29] After detection by a group of teenagers, it took Colonial five days to repair the 5-foot crack in the pipeline. As of February 2021, Colonial recovered 800,000 gallons of gasoline and 200,000 gallons of contaminated water. Neither NC Department of Environmental Quality nor Pipeline and Hazardous Materials Safety Administration assessed fines.[3]

 

[NurseGoodVol]

I would really like to know what system(s) were hacked at this company that they can't operate pumps and valves? I'm sure pumping things through a pipeline is more complicated than I can think of, but good Lord, they are pumping petro chemicals through a pipe from one tank to another. Was this all done on a Windows XP machine? To me this a pretty straight forward process that should have used PLC's which aren't prone to being hacked and if they were can be brought back up fairly quickly. I don't get it, maybe some more hedge fund management in action.

Wonder if they have tried unplugging it and plugging it back in?

 

[Y9 Vol]

Wonder if they have tried unplugging it and plugging it back in?

Must wait 10 seconds.

 

[05_never_again]

Similar thoughts. At some point you surely have the ability to manual override and mechanically engage operations.

I'm sure mechanically engaging it is their plan to get it back on line by this weekend, but it seems something like that might take time if you have to do it physically all up and down the pipeline.

I'm sure this attack was far, far less sophisticated, but it kind of reminds me of the Stuxnet worm that was able to take over Iranian nuclear reactors and literally blow them up by making some of the controllers go haywire.

 

[Rasputin_Vol]

I would really like to know what system(s) were hacked at this company that they can't operate pumps and valves? I'm sure pumping things through a pipeline is more complicated than I can think of, but good Lord, they are pumping petro chemicals through a pipe from one tank to another. Was this all done on a Windows XP machine? To me this a pretty straight forward process that should have used PLC's which aren't prone to being hacked and if they were can be brought back up fairly quickly. I don't get it, maybe some more hedge fund management in action.

You've probably got all sorts of pressure regulation and flow monitoring that is involved that sends info to a feedback loop that controls the entire system. If you remove these feedback loops, it may prevent you from being able to run just wide open with no kind of controls.
Trust me, I understand the frustration, but if it was just as simple as jumpering out a PLC output to start a pump motor, they would have done that days ago.

 

[VolStrom]

You've probably got all sorts of pressure regulation and flow monitoring that is involved that sends info to a feedback loop that controls the entire system. If you remove these feedback loops, it may prevent you from being able to run just wide open with no kind of controls.
Trust me, I understand the frustration, but if it was just as simple as jumpering out a PLC output to start a pump motor, they would have done that days ago.

I agree, but I also don't see what kind of control system they could have that could have been hacked. I did this stuff for a living for 35 years and we never had a system that could be accessed from the outside. They must have hired some Harvard MBA's to milk the teat and ignore common sense.

 

[McDad]

I agree, but I also don't see what kind of control system they could have that could have been hacked. I did this stuff for a living for 35 years and we never had a system that could be accessed from the outside. They must have hired some Harvard MBA's to milk the teat and ignore common sense.

It doesn't make sense to me either. Why would a pipeline need computer automation?

 

[Rasputin_Vol]

I agree, but I also don't see what kind of control system they could have that could have been hacked. I did this stuff for a living for 35 years and we never had a system that could be accessed from the outside. They must have hired some Harvard MBA's to milk the teat and ignore common sense.

Never say never. If it has a network, it hass a vulnerability.

It could be an inside actor...

 

[Rasputin_Vol]

It doesn't make sense to me either. Why would a pipeline need computer automation?

If a sensor upstream gets a signal that there is a loss of pressure from a sensor that is downstream, it is likely that the reason for that loss of pressure would be a leak of some kind. In that case, there would need to be a valve upstream that would need to close that would stop at the nearest section of pipe to the leak. The people obviously downstream would lose service but you would still be able to maintain service to the other customers upstream.

Just me speculating and pulling something out of my arse.

 

[McDad]

If a sensor upstream gets a signal that there is a loss of pressure from a sensor that is downstream, it is likely that the reason for that loss of pressure would be a leak of some kind. In that case, there would need to be a valve upstream that would need to close that would stop at the nearest section of pipe to the leak. The people obviously downstream would lose service but you would still be able to maintain service to the other customers upstream.

Just me speculating and pulling something out of my arse.

I see the value in a safety over ride. Those can be electrical and not via computer (speculation by me). VolStrom is the EE. He'd know.

 

[Rasputin_Vol]

I see the value in a safety over ride. Those can be electrical and not via computer (speculation by me). VolStrom is the EE. He'd know.

I'm an EE, also.

 

[Carl Pickens]

It’s already reached idiot ass level in Mt. Juliet.... I pulled in to get my daughter some gas and saw this...

 

[McDad]

I'm an EE, also.

I didn't know.

This whole dam forum is full of nerds!

 

[NurseGoodVol]

It doesn't make sense to me either. Why would a pipeline need computer automation?

Directional flow control.