A March 2017 MIT report found that both electricity and oil-and-gas industry leaders “believed that unduly complex, and insufficiently secure, hardware, software, and industrial controls were a significant source of cyber vulnerabilities.”
Since 9/11, no new rules or regulations have been promulgated to address pipeline or LNG facility security or cybersecurity. Although the Transportation Security Administration (TSA) recently released an updated version of its “Pipeline Security Guidelines” (Guidelines) that were last issued in 2011, those Guidelines remain advisory.
Sophisticated malware and unsophisticated home-network security, and it’s a harbinger of the sorts of pervasive threats — from nation-states, criminals and hackers — that we should expect in coming years.
We need to review those security measures, come up with better ones and test them extensively against any possible threat. The first thing that needs to happen is increased security on the technical level.