首页 500强 活动 榜单 商业 科技 领导力 专题 品牌中心
杂志订阅

美国最大燃油管道商暂停运营,仅仅是一个“警告”

Katherine Dunn
2021-05-12

令人担忧的是,科洛尼尔管道公司的运输管道暂停运营仅仅是一个开始。

文本设置
小号
默认
大号
Plus(0条)

科洛尼尔管道公司位于美国阿拉巴马州佩勒姆的一处管道设施。在2021年5月初发生网络攻击近两天后,燃料供应商担心美国东部地区可能出现汽油和柴油短缺。图片来源:Luke Sharrett—Bloomberg/Getty Images

科洛尼尔管道公司(Colonial Pipeline)的关键基础设施已经持续关闭三日,油价和天然气价格也已经摆脱潜在供应紧缺前景的影响。但让能源行业感到不安的并不是汽油供应短缺的风险。

多年来,网络安全专家和美国政府一直在警告能源行业,这一行业极易遭受勒索软件网络攻击。上周末,科洛尼尔管道公司就因此而被迫关闭运输管道。

事实上,去年就有过一次警示,当时新冠疫情正在全球蔓延,一家未披露名称的美国管道系统遭受勒索软件攻击。美国网络安全与基础设施安全局(U.S. Cybersecurity and Infrastructure Security Agency)报告称,一家天然气压缩设施的IT系统遭受鱼叉式网络钓鱼攻击,系统被植入勒索软件,导致该公司失去了对某些系统的控制权。虽然没有失去运营控制权,但该公司不得不关闭管网两天。

此次事件再次发出警告,该运营商并未制定应对网络攻击的具体应急计划,而且完全不了解如何应对网络攻击。调查这起攻击事件的美国机构称,此次事件“促使所有关键基础设施行业的资产所有者及运营商开始审查……有安全隐患的技术,并确保采取相应的缓解措施。”

换句话说就是:时刻准备好。

攻击疑似俄罗斯组织所为?

此次事件是一次预警。5月10日,俄罗斯一个名为黑暗面(DarkSide)的专业网络犯罪组织声称对此次输油管道攻击事件负责,显然是想向管道运营商科洛尼尔管道公司勒索赎金。该管道在墨西哥湾沿岸(Gulf Coast)输送燃料,负责东海岸45%的燃料供应。

位于挪威的咨询公司睿咨得能源(Rystad Energy)的石油市场分析师路易丝·迪克森称:“像美国科洛尼尔管道公司这样的关键石油基础设施遭受黑客攻击的情况并不常见。”

尽管如此,因印度等亚洲国家的能源需求由于新冠疫情下滑,受此拖累,5月10日上午油价下跌:布伦特原油下跌1.11%,WTI原油期货下跌1.28%,美国主要汽油期货合约下跌0.51%。

迪克森指出,即使输油管道几天内无法恢复运行,供应也不会受到影响,但如果关闭时间过长,油价可能会上涨。然而真正的问题并不在于潜在供应短缺:因为拜登政府已经放宽了运输限制,允许经公路运输燃料,美国可以使用其充足的库存。此外,东海岸还能够跨越大西洋从欧洲炼油厂进口汽油和柴油。

更大的风险在于,科洛尼尔管道公司中断仅仅是一次警告。多年来,专家和业内人士一直在警告,鉴于能源系统所遭受攻击的规模和复杂性,每天可能发生多起攻击事件,并且其中的大部分攻击是针对关键基础设施,能源行业在网络安全方面的投资明显不足。一些能源巨头自己也承认,控制如此大规模、如此复杂的攻击是一大挑战,而且其中一些攻击已经成功。墨西哥国家石油公司Pemex在2019年年底就遭受了一次网络攻击,此次事件引起了广泛关注,黑客要求支付价值500万美元的比特币作为赎金。

能源行业极易遭受攻击

尽管从医院网络到美国政府等多个领域都遭受了此类攻击,但能源行业尤其易受攻击。麦肯锡公司(McKinsey)在2020年发表的一篇文章中警告称,公用事业公司和天然气公司因为其复杂性、地理分散性,加之实体和虚拟基础设施的网络重叠,更易遭受攻击。

西门子能源(Siemens Energy)在去年警告称,能源行业系统运行强度大,也会让其面临攻击风险:数字运营基础设施全天候运行,几乎不会停机。

麦肯锡警告称,攻击的动机也多种多样,有国家支持的出于地缘政治目的的攻击,例如,沙特石化设施遭受了一次广为人知的攻击,沙特政府认为此次攻击是伊朗所为;也有出于经济目的的攻击,为的是向遭受攻击的公司勒索钱财;还有“黑客行为主义者”攻击,意在对能源行业提出抗议。

目前,令人担忧的是,科洛尼尔管道公司的运输管道暂停运营仅仅是一个开始。(财富中文网)

译者:郝秀

审校:汪皓

科洛尼尔管道公司(Colonial Pipeline)的关键基础设施已经持续关闭三日,油价和天然气价格也已经摆脱潜在供应紧缺前景的影响。但让能源行业感到不安的并不是汽油供应短缺的风险。

多年来,网络安全专家和美国政府一直在警告能源行业,这一行业极易遭受勒索软件网络攻击。上周末,科洛尼尔管道公司就因此而被迫关闭运输管道。

事实上,去年就有过一次警示,当时新冠疫情正在全球蔓延,一家未披露名称的美国管道系统遭受勒索软件攻击。美国网络安全与基础设施安全局(U.S. Cybersecurity and Infrastructure Security Agency)报告称,一家天然气压缩设施的IT系统遭受鱼叉式网络钓鱼攻击,系统被植入勒索软件,导致该公司失去了对某些系统的控制权。虽然没有失去运营控制权,但该公司不得不关闭管网两天。

此次事件再次发出警告,该运营商并未制定应对网络攻击的具体应急计划,而且完全不了解如何应对网络攻击。调查这起攻击事件的美国机构称,此次事件“促使所有关键基础设施行业的资产所有者及运营商开始审查……有安全隐患的技术,并确保采取相应的缓解措施。”

换句话说就是:时刻准备好。

攻击疑似俄罗斯组织所为?

此次事件是一次预警。5月10日,俄罗斯一个名为黑暗面(DarkSide)的专业网络犯罪组织声称对此次输油管道攻击事件负责,显然是想向管道运营商科洛尼尔管道公司勒索赎金。该管道在墨西哥湾沿岸(Gulf Coast)输送燃料,负责东海岸45%的燃料供应。

位于挪威的咨询公司睿咨得能源(Rystad Energy)的石油市场分析师路易丝·迪克森称:“像美国科洛尼尔管道公司这样的关键石油基础设施遭受黑客攻击的情况并不常见。”

尽管如此,因印度等亚洲国家的能源需求由于新冠疫情下滑,受此拖累,5月10日上午油价下跌:布伦特原油下跌1.11%,WTI原油期货下跌1.28%,美国主要汽油期货合约下跌0.51%。

迪克森指出,即使输油管道几天内无法恢复运行,供应也不会受到影响,但如果关闭时间过长,油价可能会上涨。然而真正的问题并不在于潜在供应短缺:因为拜登政府已经放宽了运输限制,允许经公路运输燃料,美国可以使用其充足的库存。此外,东海岸还能够跨越大西洋从欧洲炼油厂进口汽油和柴油。

更大的风险在于,科洛尼尔管道公司中断仅仅是一次警告。多年来,专家和业内人士一直在警告,鉴于能源系统所遭受攻击的规模和复杂性,每天可能发生多起攻击事件,并且其中的大部分攻击是针对关键基础设施,能源行业在网络安全方面的投资明显不足。一些能源巨头自己也承认,控制如此大规模、如此复杂的攻击是一大挑战,而且其中一些攻击已经成功。墨西哥国家石油公司Pemex在2019年年底就遭受了一次网络攻击,此次事件引起了广泛关注,黑客要求支付价值500万美元的比特币作为赎金。

能源行业极易遭受攻击

尽管从医院网络到美国政府等多个领域都遭受了此类攻击,但能源行业尤其易受攻击。麦肯锡公司(McKinsey)在2020年发表的一篇文章中警告称,公用事业公司和天然气公司因为其复杂性、地理分散性,加之实体和虚拟基础设施的网络重叠,更易遭受攻击。

西门子能源(Siemens Energy)在去年警告称,能源行业系统运行强度大,也会让其面临攻击风险:数字运营基础设施全天候运行,几乎不会停机。

麦肯锡警告称,攻击的动机也多种多样,有国家支持的出于地缘政治目的的攻击,例如,沙特石化设施遭受了一次广为人知的攻击,沙特政府认为此次攻击是伊朗所为;也有出于经济目的的攻击,为的是向遭受攻击的公司勒索钱财;还有“黑客行为主义者”攻击,意在对能源行业提出抗议。

目前,令人担忧的是,科洛尼尔管道公司的运输管道暂停运营仅仅是一个开始。(财富中文网)

译者:郝秀

审校:汪皓

As the shutdown of Colonial Pipeline’s critical infrastructure stretches into a third day, oil and gas prices were shrugging off the prospect of a potential supply crunch. But it isn’t the risk of a gasoline shortage that is giving the industry the jitters.

For years, cybersecurity experts and the U.S. government have been warning the energy industry that it remains all too vulnerable to the kind of ransomware cyberattack that knocked Colonial offline over the weekend.

Those warnings, in fact, included an alert just last year—as the pandemic was spreading around the globe—about another, unnamed U.S. pipeline system affected by a ransomware attack. The U.S. Cybersecurity and Infrastructure Security Agency reported that a spear-phishing attack had gained access to the IT systems at a natural gas compression facility, unleashing ransomware internally that resulted in the company losing sight of some of its own systems. While it didn’t lose control of its operations, the company had to shut down its pipeline network for two days.

The alert highlighted warnings that the operator didn’t have in place a specific emergency plan to deal with cyberattacks and that it had gaps in its knowledge about how to manage them. The U.S. agency that investigated the attack said that it “encourages asset owner operators across all critical infrastructure sectors to review the…threat actor techniques and ensure the corresponding mitigations are applied.”

In other words: Get ready.

Russians suspected

It was a prescient warning. On May 10, a Russian network called DarkSide claimed responsibility for the attack on the pipeline—which runs from the Gulf Coast and provides 45% of the East Coast’s fuel supply—in an apparent effort to extort a ransom payment from the operator, Colonial Pipeline.

“It’s not often that hackers manage to hit such crucial oil infrastructure such as Colonial’s pipelines in the U.S.,” says Louise Dickson, oil markets analyst at Norway’s Rystad Energy consultancy.

Nonetheless, on May 10 morning, oil prices were feeling bearish, dragged down by the larger picture of flagging demand in Asia and India owing to the pandemic: Brent was down 1.11%, and WTI was down 1.28% on May 10 morning, while the main U.S. gasoline futures contract was down 0.51%.

Though it wouldn’t affect supplies if the pipeline isn’t back online for a few days, a more prolonged outage could lead to increased prices, Dickson notes. However, the real issue here isn’t a prospective supply shortage: The U.S. can draw from its ample inventories, as the Biden administration has loosened the rules to allow for fuel to be transported by road instead. The East Coast can also pull cargo of gasoline and diesel across the Atlantic from refineries in Europe.

The bigger risk is that the Colonial Pipeline outage is a mere warning shot. For years, experts and industry insiders have warned that the energy sector is underinvesting in cybersecurity given the scale and complexity of the attacks on its systems—multiple attacks, per day—much of it on critical infrastructure. Some energy majors have themselves admitted that managing the scale and sophistication of the attacks they see is a major challenge, and some of those attacks have been successful. Pemex, the Mexican state energy company, was hit by a high-profile attack in late 2019, when hackers demanded $5 million in Bitcoin as ransom.

Particularly vulnerable

Though such attacks have hit everything from hospital networks to the U.S. government, the energy industry is particularly vulnerable. In a 2020 article, McKinsey warned that utilities and gas companies were more at risk because of their complexity, with geographically diverse, overlapping networks of both physical and cyber infrastructure.

Siemens Energy warned last year that it was the intensity of the sector’s operational systems that also put it at risk: Operational digital infrastructure runs 24/7, with virtually no downtime.

There are also plenty of motives, McKinsey warned. They include state-backed, geopolitically motivated attacks—including a famous attack on a Saudi petrochemical facility that the Saudi government attributed to Iran; economically motivated attacks designed to extort money from desperate companies; and “hacktivist” attacks intended as a protest against the energy industry.

The worry now is that the Colonial Pipeline outage is just the beginning.

财富中文网所刊载内容之知识产权为财富媒体知识产权有限公司及/或相关权利人专属所有或持有。未经许可,禁止进行转载、摘编、复制及建立镜像等任何使用。
0条Plus
精彩评论
评论

撰写或查看更多评论

请打开财富Plus APP

前往打开