11 minute read
Pipeline news
WORLD NEWS WORLD NEWS
Colonial Pipeline hack prompts new US cyber security bill
In an Executive Order published on 12 May 2021, entitled: ‘Improving the Nation’s Cybersecurity’, US President Joseph Biden declared an intention to “make bold changes and significant investment” in protecting against cyberattacks.
The Executive Order includes nine areas of change: policy; removing barriers to sharing threat information; modernising federal government cybersecurity; enhancing software supply chain security; establishing a cyber safety review board; standardising the federal government’s playbook for responding to cybersecurity vulnerabilities and incidents; improving detection of cybersecurity vulnerabilities and incidents on federal government networks; improving the federal government’s investigative and remediation capabilities; and national security systems.
The Order states that “the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.”
As noted in the administration’s accompanying Fact Sheet, the Executive Order is a direct response to recent high-profile cybersecurity incidents. The executive action follows the Colonial Pipeline ransomware attack, in which the oil pipeline system was targeted by a criminal cybergroup encrypting its system and demanding a ransom. Although the attack was aimed at business technology, it caused Colonial Pipeline to shut down operations on a major pipeline serving the Northeast, leading to gas shortages and panic buying.
ISACA survey: IT security experts share insights
In the aftermath of the Colonial Pipeline attack, global IT association and learning community ISACA polled more than 1200 members in the US and found that 84% of respondents believe ransomware attacks will become more prevalent in the second half of 2021.
The Colonial Pipeline attack resurfaced preparedness for ransomware attacks as a front-burner topic for enterprises around the world.
Colonial reportedly authorised a ransom payment of US$4.4 million. In the ISACA survey, four out of five survey respondents say they do not think their organisation would pay the ransom if a ransomware attack hit their organisation. Only 22% say a critical infrastructure organisation should pay the ransom if attacked.
“In a vacuum, the guidance not to pay makes total sense. We don’t want to negotiate with criminals,” said Dustin Brewer, Senior Director of emerging technology and innovation at ISACA. “But when you need to get your business back online, a cost/benefit analysis is going to come into play, and a company is going to do what it needs to do to have continuity. Good cyber-hygiene has to be a focus to avoid getting to this point.”
Among the survey’s other findings: ) 85% of respondents say they think their organisation is at least somewhat prepared for a ransomware attack, but just 32% say their organisation is highly prepared.
) Four in five respondents say their organisation is more prepared for ransomware incidents now than four years ago, when the
WannaCry, Petya and NotPetya attacks inflicted major damage.
And two-thirds of respondents expect their organisation to take new precautions in the aftermath of the Colonial Pipeline incident.
) Nearly half of respondents (46%) consider ransomware to be the cyberthreat most likely to impact their organisation in the next 12 months.
US government prepares to boost pipeline cyber protections
The Biden administration is reportedly working with pipeline companies to strengthen protections against cyberattacks following the Colonial Pipeline hack.
The Transportation Security Administration (TSA), a unit of the Department of Homeland Security (DHS), “is co-ordinating with companies in the pipeline sector to ensure they are taking all necessary steps to increase their resilience to cyber threats and secure their systems,” reports Reuters.
The TSA is also reported to be collaborating with another branch of DHS, the Cybersecurity and Infrastructure Security Agency. DHS said it will release more details “in the days ahead,” without providing particulars.
Representative Bennie Thompson, Chair of the Homeland Security Committee in the House of Representatives, called the move “a major step in the right direction towards ensuring that pipeline operators are taking cybersecurity seriously and reporting any incidents immediately.”
GlobalData: Colonial attack will concentrate government and operators’ minds on ransomware threat
Following the disclosure of the cyberattack on the Colonial Pipeline, David Bicknell, Principal Analyst, Thematic Research at GlobalData, a leading data and analytics company, offers his view:
“The economic impact wrought by this cyberattack will bring home to government and energy operators the vulnerabilities in critical infrastructure. “This is not the first ransomware cyberattack on an oil and gas utility – and it won’t be the last – but it is the most serious. It is also potentially one of the most successful cyberattacks against US critical national infrastructure.
“Although cyberattacks have typically targeted corporate IT systems, the risk of those jumping across to operational technology (OT) systems has become much more prevalent.
“The security industry must find a way to help organisations - especially utilities - develop both defensive measures to prevent these attacks and the requisite best practice for responding to them.”
IN BRIEF
Medallion Pipeline Company, LLC has announced that it has launched a non-binding open season for its capacity that is leased on EPIC Crude Pipeline, LP’s crude oil pipeline system. The open season started on 24 May, 2021 and will close on 25 June, 2021 at 4:00 p.m. Central Daylight Time.
BRAZIL
Gas infrastructure company Fluxys and institutional investor EIG Global Energy Partners have completed the announced transfer of EIG’s minority stake in Brazilian gas transmission system operator TBG (Transportadora Brasileira Gasoduto Bolívia-Brasil). TBG owns and operates the 2600 km Brazilian section of the Bolívia-Brazil gas pipeline.
Chevron Corporation (Chevron) and Noble Midstream Partners LP (Noble Midstream) have announced that the companies have completed the previously announced acquisition, which resulted in Noble Midstream becoming an indirect, whollyowned subsidiary of Chevron.
ASSOCIATION NEWS
IPLOCA’s Annual Convention that was scheduled to take place from 13 to 17 September 2021 at the Hilton Prague hotel, Czech Republic, has been postponed. The new dates for the Prague Convention are now confirmed for 19 - 23 September 2022.
The Shell Robert Training and Conference Centre in Louisiana has established a new partnership with Maersk Training, which will see the global safety specialists deliver enhanced training to the Gulf of Mexico offshore workforce.
WORLD NEWS WORLD NEWS
Siemens Energy announces cybersecurity collaboration with ServiceNow
Siemens Energy has announced a “Most energy companies struggle with collaboration with ServiceNow to create a the complex technological and economic unified software service offering enabling challenges involved in monitoring, detecting energy companies to monitor, detect and and preventing cyberattacks on critical respond to cyber threats targeting digitally infrastructure. Our MDR, powered by Eos.ii, connected critical infrastructure. solution, is the first AI-based platform built
The new solution brings together to provide visibility and context across the Siemens Energy’s artificial intelligence (AI)- energy industry’s digital operating based software from its Managed Detection environment in time to stop attacks,” said and Response (MDR), powered by Eos.iiTM , Leo Simonovich, head of Industrial service to provide visibility and context Cybersecurity at Siemens Energy. across industrial operating environments “Leveraging Eos.ii’s monitoring and with ServiceNow’s Operational Technology detection software with ServiceNow’s digital Management (OT Management) systems to workflows will help turn cyber threat connect cyber threats and digital workflows intelligence into action so plant operators that allow analysts to quickly assess, can respond to incidents with precision prioritise and act against events in the field. defence at machine speed.”
The unified software solution creates a “The ability to quickly turn data into detection engine and workflows that action is critical to being able to proactively, streamline operations for cybersecurity reactively and remotely mitigate analysts to monitor anomalous or malicious cyberattacks targeting critical infrastructure. behaviour in Security Operations Centres Yet, this is one of the biggest challenges for (SOC), and energy plant operators to act on industrial innovation,” said Marshall Tyler, credible threat intelligence at machine Vice President of Industry Solutions at speed. ServiceNow.
Aegion Corporation, provider of the planned retirement of outgoing infrastructure maintenance, rehabilitation President and Chief Executive Officer and protection solutions, has announced the Charles R. Gordon. successful completion of the previously Mr. Tullman commented, “The announced transaction under which completion of this transaction represents affiliates of New Mountain Capital, LLC the exciting first step in advancing Aegion’s acquired all outstanding shares of Aegion for compelling near- and long-term growth US$30.00 per share in cash. prospects as an industry leader and a
As a result of the transaction, Aegion has protector of communities and the become a private company and its common environment. I look forward to working with stock will no longer be listed for trading on the dedicated teams as we leverage our the Nasdaq stock market. Robert (Rob) M. differentiated portfolio of technologies and Tullman has been appointed President and delivering transformational solutions to Chief Executive Officer of Aegion maintain, rehabilitate and protect critical Corporation, effective 18 May 2021, following infrastructure around the world.”
Vallourec announces its 2021 Open Innovation Challenge
Vallourec has launched its 2021 ) New power generation: marine energies Open Innovation Challenge around such as waves, thermal differences and additional levers for value creation: floating offshore wind. new energies, new businesses, field and remote services, smart pipes and pipelines and Industry 4.0. ) Pipe and pipeline re-use: to extend pipe usage’.
The Group is launching three calls ) Automatised and digitalised pipe yard: for projects to start-ups, laboratories to optimise inventory, inspection, and all and companies: other yard activities.
CONTRACT NEWS CONTRACT NEWS
EVENTS DIARY
23 - 25 August 2021
Canada Gas & LNG Exhibition & Conference 2021
Vancouver, Canada
https://canadagaslng.com/
NEW DATES: 13 - 16 September 2021
Gastech Exhibition & Conference 2021
Singapore
https://www.gastechevent.com/
NEW DATES: 21 - 23 September 2021
Global Energy Show 2021
Calgary, Canada
https://www.globalenergyshow.com/
18 - 19 October 2021
Transportation Oil and Gas Congress 2021 (TOGC 2021)
Zurich, Switzerland
https://togc.events/
20 October 2021
OpTech 2021
ONLINE CONFERENCE
https://www.worldpipelines.com/optech2021/
NEW DATES: 8 - 11 November 2021
Abu Dhabi International Petroleum Exhibition & Conference 2021 (ADIPEC)
Abu Dhabi, UAE
https://www.adipec.com/exhibition/
NEW DATES: 5 - 9 December 2021
23rd World Petroleum Congress
Houston, USA
https://www.wpc2020.com/
7 - 9 December 2021
15th annual GPCA Forum
Dubai, UAE
www.gpcaforum.net Bilfinger awarded €40 million inspection contract by Total E&P Denmark Bilfinger will perform inspection services on contributes to ensuring the integrity of the offshore assets of Total E&P Denmark Total E&P Denmark’s assets. The award (Exploration & Production). The €40 million follows two recent contract successes in contract will be booked under Bilfinger’s Denmark, making Bilfinger one of the largest Engineering & Maintenance Europe local providers of offshore non-destructive segment. testing inspection services just three years
Commencing in July 2021, the contract after the set-up of our local branch.” will run for five years with two x one-year In March 2021, Bilfinger Salamis UK was extension options. awarded a multi-million pound inspection
With a focus on advanced non- contract by Altera Infrastructure Production destructive testing (ANDT) techniques, AS. Bilfinger will provide a comprehensive range The three-year agreement sees of services on all of Total E&P Denmark’s Bilfinger extend its existing service delivery assets. The contract will be managed from with Altera Infrastructure, providing a Bilfinger’s office in Esbjerg, Denmark. range of conventional and advanced non-
“With this major contract from Total, destructive testing (ANDT) services on Bilfinger continues on its growth path in the assets operated by Altera in the UK. strategic business area of inspection services,” says Duncan Hall, Chief Operating Officer of Bilfinger. “Our skilled team
Taproot to expand midstream infrastructure in DJ Basin
Taproot Energy Partners LLC has announced that its affiliate, Taproot Rockies Midstream LLC (Taproot) has been awarded an acreage dedication for crude gathering by Confluence Resources (Confluence) for its Platte River position. The in-service date for the pipeline is expected to be 1 July, 2021.
The Confluence acreage dedication brings Taproot’s current dedicated acreage to over 325 000 acres from five producers.
“We look forward to providing worldclass midstream services and solutions to Confluence as it develops its very attractive, productive DJ Basin acreage position. As our system expands, so does producer access to crude gathering pipelines, eliminating the need for trucking and providing the safest, most environmentally friendly transportation from the wellhead,” said Garrick Brown, Taproot CCO.
“The growth Taproot has accomplished in the DJ Basin since its inception in 2018 has been remarkable. We are excited to continue our record of on-time and underbudget projects as we construct the Confluence pipeline, and providing exceptional midstream service thereafter,” said Kevin Sullivan, Taproot CEO.
THE MIDSTREAM UPDATE
• Winn & Coales International acquires the global Viscotaq business
• Hydratight and Henkel partner for pipeline and vessel repair • Ocean Infi nity acquires Abyssal • Energy Transfer celebrates 25 years • Q&A: Eff ective ways of getting your ESG message out
Follow us on LinkedIn to read more about the articles
linkedin.com/showcase/worldpipelines
