Petrolem Pipeline Hack 7

[hacksaw]

How can a modern system, like this be hacked? Do they need to go back to pneumatic controls?

 

[thebard3]

It's not always an easy task to keep software updated. If everything is MS Office, then it's no problem. When you have lots of vendor's software that has to all play well together, not so much. It's not like updating your PC or cell phone. I am not able to willy-nilly apply software updates. I have to know that everything has been tested together first and that the appropriate compatibility scenario is published by the vendor.
Also, if this was really a ransomware attack, then it's likely the hackers/vandals didn't target a specific system, but rather, they just throw their stuff out there and hope to hit something they can make a buck on. They don't know if they hit a gamer's PC or Chase Bank's databases.

Brad Waybright

The more you know, the more you know you don't know.

 

[JohnRBaker]

I mentioned earlier about our youngest son who works for a company that helps organizations recover from hack attacks and such. I was talking to him yesterday and I learned that his division, which only deals with customers who have already been attacked or are victims of ransomware (they have another division which works with companies to harden their networks and firewalls) that they work for the insurance companies that are covering a companies liability. The company they're helping is not paying the bill, the insurance company is, and so all they do is recover what they can of the situation. My son describes it as applying a tourniquet, amputating the infected 'body' part and then restore what they can from the corporate back-ups, if they exist. At that point, their job is done. If the company wants to harden their network against future attacks, that's not covered by the insurance companies and therefore, they're not allowed to spend any time on that effort. They have to turn it over to the other division and then it's up to the original customer to pay for that themselves (the insurance company has met their contractual agreement). Note that he said that they're trying to get a piece of the Colonial Pipeline recovery effort and that their 'sales staff' is already negotiating with the insurance company.

John R. Baker, P.E. (ret)
EX-'Product Evangelist'
Irvine, CA
Siemens PLM:
UG/NX Museum:

The secret of life is not finding someone to live with
It's finding someone you can't live without

 

[Mbrooke]

@1503-44- Thank you for that single line Makes piecing together what happened easier.

Any idea at what pressure the pipe lines operates at? Or the pumps involved? From Google earth it looks like these stations take subtranmission or transmission level voltages to operate- transformers in the 15-25 MVA range. That is some energy to move all that energy lol.

 

[1503-44]

Typical operating pressures of Cross Country oil, refined products and gas transmission lines generally range from 750 to 1440 psig (apx. 100 Bar), with compressor or pump stations usually required about 50 miles apart. Distance between stations for liquid lines can vary significantly. Due to the higher density of liquid vs gas, pressure vs height of terrain can have major influence over pump station locations, some using almost all of their power just to provide lift, whereas pump stations in flatland only need to overcome flow generated friction. Friction of gas lines is normally the only real concern, so distances between compressor stations can be more constantly spaced, unless flow into or out of the systems change. I have not gotten to the point of estimating the amount of power they use on their system, but that could be an entertaining exercise for this evening.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

 

[NOLAscience]

training on the sorts of social engineering people use to get you to open stuff or disclose information.

All the training in the world cannot protect against social engineering. A few years ago, the military did a study in which they provided extensive training about how to identify and avoid social engineering traps such as bad links and malicious attachments. When the participants were tested -- within a day or two of the training -- many fell for the trap! And it only takes one.

Bottom line -- we need to isolate these systems.

 

[NOLAscience]

vulnerable, outdated version of Microsoft Exchange

It's amazing that you can hack a mail server and calendaring server and gain control of a petroleum pipeline.

 

[1503-44]

Not so amazing with things like this going on.

https://www.wired.com/story/apple-execs-chose-to-keep-hack-of-128-million-iphones-quiet/

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

 

[FacEngrPE]

Powerzone is one supplier of pumping station equipment. This posting Pipeline Pumping Systems for Midstream Crude Oil Pipeline – Engineering Pump & Motor Systems. has some information on the power requirements.
"The pumps needed to be driven by four electric motors, including (3) 3000 HP electric motors and (1) 5250 HP electric motor, and were supplied to a midstream oil and gas company for a crude oil pipeline."

 

[FacEngrPE]

Colonial announces pipeline restart, says normal service will take 'several days'

Today in eastern va a number of gas stations were out of fuel. But at least where I am enough fuel is available to keep lines short at the stations with fuel.

 

[waross]

It could be the other way round and home grown and its linked to keystone getting cancelled.

I think that some top brass at TC Energy are breathing a sigh of relief.
They don't have to continue with their multi billion dollar white elephant.
There have been a lot of problems, not the least being TC's flawed environmental submissions.
As the challenges and the delays continued, the market was changing.
The market changed from Synthetic Crude to DilBit, (Diluted Bitumen) to DruBit. (Diluent Removed Bitumen)
DilBit started to be transported by rail.
Then came DruBit.
While the XL could carry DilBit, it could not handle DruBit.
Comparing Crude to DilBit, the diluent is often returned to the source for re-use.
DilBit is 30% diluent or more. To transport 100 barrels of bitumen requires an additional 30 barrels of diluent.
Then that 30 barrels will often be returned for a total of 160 barrels moved for 100 barrels delivered.
That's about 62.5% product delivered versus material handled.
While energy is not the only cost, the energy cost of moving oil by rail is less than the cost of moving it by pipeline.
The economics of the XL have changed significantly since the project was first proposed.

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

 

[1503-44]

Ranking transport economics of crude usually come in, from lowest to highest cost, with estimated relative costs (from EIA) at,
Ocean tanker $1/bbl
Pipeline $5/bbl (my note: this is $5 in North America, up to $10+/bbl in Africa)
Rail >$10-15
Truck road tanker >$10-20

Probably based on a haul of 1000km to 1000 miles.
That also generally agrees with proprietary data I've seen in Platts, but not covering trucking.
If you have some conflicting data, please post it.



Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

 

[LittleInch]

Looks good to me.

I've always worked on a ratio from tanker of 1: 4:7:10 for pipeline, rail, road so your figures look OK.

Variable obviously by location, distance etc.

Remember - More details = better answers
Also: If you get a response it's polite to respond to it.

 

[1503-44]

Ocean tanker rates can have more variation, because not being a fixed location asset, they can ply the market. But relative to other transport modes, they are always cheaper, as long as you don't have to build a canal for them. After all, that is the primary reason that the largest refineries are built on the oceanfront and that crude pipelines almost always connect to a marine terminal somewhere.


The US has 42,774 miles of interstate highway. API reports that cross country oil and product pipelines total 190,000 miles and 305,000 miles of cross country natural gas pipelines. Pipelines must have cheaper transportation rates, or those numbers would be reversed, right? Rail totals less than 100,000 miles.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

 

[thebard3]

It's amazing that you can hack a mail server and calendaring server and gain control of a petroleum pipeline.

It's just provided the door to get in. You can do the same thing with a PDF, Word, Excel, JPG, or almost any other type of file that somebody opens unwittingly.

Brad Waybright

The more you know, the more you know you don't know.

 

[davefitz]

Some related questions:

If the ransom was paid in crypto currency, will this become the example that causes gov't to restrict anonymous crypto and only support centralized named crypto?

Did the hack cause a fail-closed of the pipeline valves, and did that cause a waterhammer event in excess of design? A similar issue occurred in 1999 in bellingham washington when they switched servers and the new server restart led to fail-closed of valves, overpressuring the pipe due to waterhammer.


"...when logic, and proportion, have fallen, sloppy dead..." Grace Slick

 

[1503-44]

There is no report of any extent into operations. Data only... so far.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

 

[waross]

The USD Group started shipping Tar Sands DilBit by rail in June of 2014.
They have since expanded to also ship DRUBit.
Google tells me that the capacity of a C&I (coiled and insulated) tank car is 29,000 gallons.
USDG's Hardisty Terminal has the capacity to load 420 Cars per day.
That's a capacity of over 12 million gallons per day.
USDG's Hardisty Terminal is about four miles from Gibson Energy's Hardisty Storage Facility with direct pipeline connections.
XL delays did not delay bitumen shipments, and rather than job losses jobs were transferred to this other sector.
The heavy oil is moving south despite the XL delays.
Any contracts to move oil via the XL have long since been invalidated due to inability to perform.
I suggest that if the XL were completed tomorrow, it may be years before the owners are able to show a profit.
As I said;
"Thank you President Biden, for giving the executives responsible for the XL an excuse to take to the board of directors and the stock holders."

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

 

[1503-44]

I have to see it in bbls. 12MM gpd = 300K bbls/d. 30% diluent, so 200K of net oil.


Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.

 

[waross]

They are shipping more and more DRUBit, so 300k bbls/d = 300k bbls/d net when shipping DRUBit.
And the diluent is often returned, so 200K of net oil + 60k diluent + 60k diluent taking up pipeline capacity being returned = 320k gross.
The point is that rail shipping and DRUBit have changed the economics of the XL.

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

 

[Mbrooke]

Thanks for the info! 5000 HP motor would draw something like 4MWs of power. That is a lot!