Security
Honeywell | 19 June 2017

Honeywell Invests in Cybersecurity Innovation Center in Asia Pacific

Honeywell Process Solutions, with the support of the Singapore Economic Development Board, will establish a new industrial cybersecurity center of excellence (COE) for Asia Pacific in Singapore.The COE will feature a state-of-the-art cybersecurity research and development laboratory, an advanced training facility, and a security operations center that provides managed security services.

The Singapore cybersecurity center of excellence will be similar to Honeywell’s cybersecurity laboratory in Atlanta, Georgia, USA. Credit: Honeywell.

“Honeywell’s major investments in new industrial cybersecurity technologies, services, and advanced research—including this new center of excellence in Singapore—will further strengthen our ability to secure and protect industrial assets, operations, and people,” said Jeff Zindel, vice president and general manager, Honeywell Industrial Cyber Security. “The COE will provide a world-class innovation platform for smart industry, critical infrastructure protection, and securing the Industrial Internet of Things in the Asia Pacific region.”

The new facility in Singapore, which is the first for Asia Pacific, is a further expansion of Honeywell’s global network of innovation centers. The laboratory will be used for proprietary research and development of new cybersecurity technologies and products, hands-on training and certifications, and testing and validation of industrial cybersecurity solutions. It will enable rapid development and introduction of innovative cybersecurity solutions to the regional and global markets.

The facility will also deliver managed industrial cybersecurity services to help users reduce the risk of security breaches and proactively improve their security posture. Managed services include continuous security and performance monitoring and alerting, security asset management, and incident response with 24 hour expert support 365 days a year.

Read the full story here.

Honeywell | 19 June 2017

Honeywell To Acquire Industrial Cybersecurity Software Leader Nextnine

Honeywell announced that it has signed a definitive agreement to purchase Nextnine, a privately held provider of security management technologies for industrial cybersecurity. The addition of Nextnine’s industry-leading security solutions and secure remote service capabilities will enhance the company’s existing range of cybersecurity technologies and significantly increase Honeywell’s Connected Plant cybersecurity customer base.

Nextnine’s flagship technology, ICS Shield, protects industrial sites from cybersecurity attacks and enables remote monitoring of assets. It complements Honeywell’s cybersecurity portfolio with a solution that is used at more than 6,200 sites globally across the oil and gas, utility, chemical, mining, and manufacturing sectors. Previously, ICS Shield had to be deployed separately for each control system vendor, resulting in multiple and separate installations at a single customer site. With this acquisition, customers will be able to deploy and operate a single system, thereby simplifying and better securing their entire site.

Read the full story here.

Bloomberg | 14 June 2017

Worker’s Death Leads Libya’s Oil Production To Drop by a Quarter

Libya’s oil production has plunged by almost a quarter after workers shut the OPEC country’s biggest field to protest lack of medical care following the death of a colleague, a person familiar with the matter said.

Output has fallen to 618,000 B/D after workers halted production at Sharara field, protesting the death of a colleague and demanding better working conditions, the person said, asking not to be identified because they aren’t authorized to speak to the media. The country was producing 807,000 B/D on 5 June, Jadalla Alaokali, board member at National Oil Corp., said at the time.

Libya has sought to boost crude exports but fighting and labor unrest at ports and fields have crippled these efforts. In the country where much of the foreign staff of international companies left following a 2011 uprising, local employees run risks as they continue to produce and export crude. Libya was exempt from production cuts agreed by the Organization of the Petroleum Exporting Countries and allied suppliers on 25 May to battle a global glut.

Read the full story here.

E&E News | 25 May 2017

Cyber Raises Threat Against America’s Energy Backbone

Five years ago, an attack on nearly two dozen US natural gas utilities set off alarm bells in the US intelligence community. A hacker using the nickname UglyGorilla stole troves of sensitive data from gas pipeline companies, breaching the nation’s 300,000-mile web of steel that is a critical backbone for the nation’s economy.

In this May 2014 photo, rain clouds blanket a natural gas well pad operated by Cabot Oil and Gas in northern Pennsylvania. Advances in hydraulic fracturing technology have made natural gas a cheap source for power generation, but experts say the interdependence between the electric and gas sectors could open doors for hackers. Credit: Blake Sobczak.

News of the hacks trickled out in May 2012. Homeland security officials scrambled to schedule classified briefings with U.S. pipeline operators, and the wheels of law enforcement started building the case.

Two years later, the Justice Department unveiled charges against five members of an elite cyber division of China’s military, outing People’s Liberation Army officer Wang Dong as UglyGorilla and throwing light on a wide-ranging “sophisticated” campaign of cybertheft dating back to 2006.

Wang’s pipeline hacking spree peaked between December 2011 and June 2012, according to multiple sources. Since then, increased reliance on natural gas for power generation has made the gas transmission system one of the most consequential hacking targets in the country. Today, Wang and his team likely hold some of the blueprints needed to launch a cyberattack that could plunge parts of the nation into darkness for days, if not a lot longer, experts say.

Many gas companies say they have shored up security since then. But the sector’s overall cyber readiness is a black box even to those charged with overseeing it, an Energywire investigation found. The Transportation Security Administration, better known and better funded for its role in aviation security, is tasked with ensuring the nation’s biggest gas transmission companies stay at least a step ahead of hackers. Yet TSA’s pipeline security office remains critically understaffed to tackle cybersecurity.

Meanwhile, the number of “advanced, persistent threats” going after US energy systems has only grown since Wang’s alleged series of intrusions. “There appears to be an increasing level of activity, sophistication, and maturity of threat actors, in particular nation-state actors, that wish to disrupt the US bulk power system and the US gas transmission or distribution system,” gas and electric utility holding company Dominion Energy noted in a recent filing with the Securities and Exchange Commission, echoing similar disclosures from many of its publicly traded peers in the industry.

The Department of Homeland Security considers the threat of disruption to be low. But the impact could be enormous. William Evanina, director of the National Counterintelligence and Security Center in the Office of the Director of National Intelligence, said in March that a briefing from energy officials on the pipeline threat “really scared me.”

He noted that “if we have a cyberattack from one of our adversaries, and they hit the power grid in the East Coast,” federal authorities have a good handle on the amount of time it would take to recover. “If the natural gas is shut off … [there’s] not even an estimate,” he said.

Read the full story here.

FuelFix | 15 May 2017

As Prices Rise, Oil Companies Drill Down on Industrial Cybersecurity

In recent months, more US oil company boards have demanded information technology managers prove refineries and drilling rigs are protected against cyberattacks, the chief of a security firm says.

A refinery along Highway 225 on 25 January 2017, in Dear Park, Texas. Credit: James Nielsen/Houston Chronicle.

Rising oil prices and increased awareness of industrial cyberthreats seem to have spurred new corporate-level maneuvers this year to secure computer controls that run energy facilities, said Barak Perelman, chief executive of Israeli cyber security firm Indegy. At some oil companies, he said, chief information security officers now spend a quarter of their monthly security committee meetings discussing so-called industrial control systems, the devices that control oil and gas equipment.

“They’re being given budgets for industrial cybersecurity,” Perelman said on 12 May. “In all my conversations, nobody has said ‘yes, but oil prices.’ I heard that a lot last year.”

Read the full story here.

Reuters | 27 April 2017

Saudi Arabia Says it Foiled Bombing Attempt on Aramco Fuel Distribution Terminal

Saudi forces have foiled an attempt to blow up an Aramco fuel terminal in southern Saudi Arabia using a high-speed boat laden with explosives, the interior ministry said on 26 April. The ministry accused Yemen’s Houthi group of being behind the attempt.

The ministry said in a statement that navy forces opened fire on the remote-controlled boat on 25 April after it was intercepted inside Saudi territorial waters some 1.5 nautical miles from its target.

There were no immediate reports of any injuries in the incident, which the statement said targeted an Aramco fuel terminal and distribution station in Jazan.

The statement accused the Iran-aligned Houthis of being behind the attempted attack, saying the group, which controls much of northern Yemen, was “threatening waterways and naval facilities using booby-trapped boats and naval mines.”

Read the full story here.

PR Newswire | 21 March 2017

Atos, Siemens Expand Strategic Relationship To Provide Cybersecurity for US Utilities, Oil and Gas Industry

Atos, a global leader in digital services, and Siemens, a global engineering leader, announced that they have entered into a memorandum of understanding and will leverage their portfolios to help customers establish an integrated first line of defense against cyberattacks. Siemens and Atos work together in the area of cybersecurity for industrial companies, providing customers in the manufacturing and processing industries with comprehensive security services and products.

The Atos and Siemens partnership in the US is part of a global agreement around cybersecurity including common go-to-market and shared research and development efforts to target information technology (IT) and operational technology (OT) security for any market.

As utilities increasingly use software to become more efficient and reliable, there is a corresponding need to boost cyberdefenses—going beyond compliance regulations to secure operations. In oil and gas, digitalization brings a convergence of IT and OT connectivity that enables data to travel from the field to the control room to the enterprise network—underscoring the need for a unique set of solutions to address the crossover between IT and OT.

A recent study from the independent Ponemon Institute shows that nearly 70% of US oil and gas cyber managers said their operations have had at least one security compromise in the past year, resulting in the loss of confidential information or OT disruption—highlighting the need for the oil and gas industry to increase its cyberdefenses.

Read the full story here.

Reuters | 8 March 2017

Libyan Oil Guard Head Says Asked To Protect Oil Ports After Clashes

An oil guard official appointed by Libya’s UN-backed government said on 7 March that he had been tasked with protecting oil ports by an armed faction that took over Es Sider and Ras Lanuf terminals.

Benghazi Defense Brigades leader Mustafa al-Sharksi attends a news conference on 6 March 6 in Libya. Credit: Reuters/Stringer.

Idris Bukhamada, recently named by the Government of National Accord as the head of the Petroleum Facilities Guard, told local TV that export operations at the ports were continuing and that the oil was for all Libyans.

He was speaking after east Libyan forces carried out air strikes for a fifth day against the Benghazi Defense Brigades (BDB), the faction that overran the ports. The eastern-based Libyan National Army (LNA) and the BDB have been battling for control in Libya’s eastern Oil Crescent since 3 March, threatening output from oil ports that the LNA seized in September.

A senior official from Libya’s National Oil Corporation (NOC) said on Monday that production had dipped by 35,000 B/D because of the latest unrest, leaving national production at just more than 660,000 B/D.

OPEC member Libya was producing more than 1.6 million B/D before a 2011 uprising led to political turmoil and conflict that slashed output to a fraction of earlier levels.

“We have been tasked by the BDB to protect the oil ports,” Bukhamada said, adding his oil guard belonged to the state and had no military mission.

“I reassure all companies and NOC partners that export operations are continuing and have not stopped,” he told Libyan TV channel Al Nabaa.

Since the BDB attacked on 3 March, a front line has formed at the center of the Oil Crescent, between the ports of Ras Lanuf and Brega. The Libyan National Army still controls Brega as well as a fourth port, Zueitina, which lies to the northeast.

It says it is using air strikes to prepare the ground for a counter-attack.

Read the full story here.

The Associated Press | 6 March 2017

Hackers Drawn to Energy Sector’s Lack of Sensors, Controls

Oil and gas companies, including some of the most celebrated industry names in the Houston area, are facing increasingly sophisticated hackers seeking to steal trade secrets and disrupt operations, according to a newspaper investigation.

A stretch of the Gulf Coast near Houston features one of the largest concentrations of refineries, pipelines, and chemical plants in the country, and cybersecurity experts say it’s an alluring target for espionage and other cyberattacks.

“There are actors that are scanning for these vulnerable systems and taking advantage of those weaknesses when they find them,” said Marty Edwards, director of U.S. Homeland Security’s Cyber Emergency Response Team for industrial systems.

Homeland Security, which is responsible for protecting the nation from cybercrime, received reports of some 350 incidents at energy companies from 2011 to 2015, an investigation by the Houston Chronicle has found. Over that period, the agency found nearly 900 security flaws within US energy companies, more than any other industry.

 

Read the full story here.

Bloomberg | 15 February 2017

Libya Crude Output Rises as Work Conditions for Big Oil Improve

Libya’s crude production exceeded 700,000 B/D and is expected to keep rising as working conditions in the conflict-ridden country improve for international companies such as Eni and Total, an official from the state oil company said.

The North African country’s crude production is expected to reach 1.2 million B/D by August and 1.7 million by March 2018 when the nation’s ports and export terminals will be operating at full capacity, Jadalla Alaokali, board member of Libya’s National Oil Corp., said in an interview in Cairo. Output at the El-Feel, or Elephant, oil field is expected to resume within 1 month, pumping 75,000 B/D, he said.

Eni and Total are working in Libya without difficulty, and Schlumberger resumed operations in the country about 3 months ago, he said. Eni is expected to start production from an offshore area in 5 years, he said.

“Eni and Total are working there with no problems, so the situation is improving every day in Libya, and I’d like to take this opportunity as an introduction for those who have interest to work in Libya,” Alaokali said. “More than 45% of the land is still virgin, hasn’t been explored, so we still have large areas that haven’t been discovered, so the opportunity is there.”

Read the full tory here.

IPIECA | 10 February 2017

IPIECA Launches Responsible Security Tools

IPIECA has developed two responsible security tools, produced in partnership with the Geneva Centre for the Democratic Control of Armed Forces (DCAF) and the International Committee of the Red Cross (ICRC). The two tools are:

The tools have been developed for all extractive companies to support engagement between companies and government security forces. Before engaging or investing in new operations in a host country, companies need to assess and evaluate the risks involved. The Host Country Security Assessment Guide is aimed to assist companies in evaluating the national and regional security contexts and identify the different challenges that are likely to affect extractive operations. Complex environments pose particularly challenging security and human rights risks and require a thorough analysis of the security sector and actors.

The security of company operations in a host country depends significantly on the company’s engagement and relations with the national security sector. Therefore, it is important to establish predictable relations with key security actors early on because inappropriate or underprepared first consultations with stakeholders can have long-term negative effects on company operations. The Host Government Engagement Strategy Tool is aimed to support company representatives prepare for these first consultations and establish a strategy for the engagement and communication with security sector representatives.

Read more about IPIECA here.

King & Spalding | 18 January 2017

Maritime Cybersecurity Regulation on the Horizon

Over the past year, various institutions and organizations—both domestic and international—have shown an interest in moving the increasingly prevalent cybersecurity conversation offshore. Domestically, both Congress and federal agencies have pushed to mandate cybersecurity measures for ships, ports, terminals, and offshore facilities. Internationally, a United Nations agency has issued new guidelines designed to enhance cybersecurity in worldwide shipping operations.

Critical energy infrastructure has long been at the forefront of cybersecurity, both because it is a frequent target of cyberattacks and because the potentially debilitating effects of a successful attack. However, maritime cybersecurity regulations will not necessarily target just the energy industry and are likely to come from a variety of sources, some of which may be unfamiliar to industry players.

Despite a strong national interest in regulating the cybersecurity of critical energy infrastructure, the industry’s maritime operations have largely gone under the radar. To date, approaches to cybersecurity in the energy industry’s maritime operations have largely been voluntary and, thus, company- or even vessel-specific. At the same time, global economic growth and the corresponding increase in energy demand have led many energy companies to explore offshore options for replenishing reserves and meeting production needs. Oil and gas producers, in particular, have shown a steadily rising interest in maritime technologies, such as floating production, storage, and offloading vessels and floating liquefied natural gas operations, that can both meet energy demand and align companies with global efforts to reduce emissions. But the rapid adoption of new operational technologies and an increased dependence on networked cyber structures opens the possibility of cyberattacks that could threaten the economy, worker safety, the environment, or national security.

As a new year begins, the energy industry is now facing the prospect of new regulatory oversight of its cybersecurity efforts in maritime operations. The past year revealed a series of indicators that maritime cybersecurity regulation is imminent. Six months ago, the United Nations International Maritime Organization published Interim Guidelines on Maritime Cyber Risk Management, which were drafted with input from representatives of 44 member states, including the United States Coast Guard (USCG). Six months before that, the US House of Representatives sent a bill to the Senate that would require USCG to enforce cybersecurity standards at US ports and in maritime operations. Meanwhile, the two federal agencies with primary jurisdiction over industrial maritime operations—USCG and the Bureau of Safety and Environmental Enforcement—have been speaking out publicly about the need for regulatory involvement in maritime cybersecurity. In 2017, maritime operations are expected to emerge as the next frontier of cybersecurity regulation affecting in the energy industry.