Peak Oil News and Message Boards

My understanding from an early report was that the “hacking” was not of the pipeline infrastructure itself and the actual pipeline operations were nit impeded. It was some back office software (billing?) that got hit.

Is that correct? Has there been any more info on the specifics?

We have been sort of int he middle of the mess. I had a 3/4 tank and 10 gallons on deck when it hit. We were never totally without gas in this town but I did see some lines. We still have stations running out but the lines are gone.

We are driving about 7 hours to my kids house tomorrow. Plenty of fuel to get over the Chesapeake Bay Bridge/Tunnel and virtually no closures North of there.

Somewhere I read most folks do not fuel until 1/8th tank. So when a scare like this hits there are a lot of half empty fuel tanks in vehicles. That is why just topping up is such a big problem; it creates a demand spike and many folks are nearly out.

Newfie wrote:My understanding from an early report was that the “hacking” was not of the pipeline infrastructure itself and the actual pipeline operations were nit impeded. It was some back office software (billing?) that got hit.

Is that correct? Has there been any more info on the specifics?

Newf, from what I read over the weekend (but from uncited sources in the articles), the billing being screwed up was a BIG part of the problem. That apparently, they couldn't have properly billed when delivering the gasoline, and didn't want the mess and risk of financial loss from that.

So, I think that was at least a big part of it.

Those articles though, did NOT say that there were no issues with the pipelines -- just implied that the pipelines were not the major issue, and far from the only issue.

Corporations are there, primarily, to make a profit. So this doesn't sound like an unreasonable scenario, if the billing software was truly down and out. (A tanker truck holds a lot of gasoline).

newfie - I keep forgetting to point out what is obvious but only to folks familiar with pipeline dynamics. First, the CP didn't "run dry". It still had all the fuel in it: actually takes a big effort to empty a long pipe line like the CP. At least 2 months or so. Second, on average how long does it take for a gallon of gasoline from Houston to reach New Jersey: 45 days. Moves at about 5 mph. The CP pumps into numerous local distribution fuel terminals along that 5,500 mile run. Typical through smaller pipelines. From those terminals to users (gas stations, etc) via tanker trucks. I have no doubt those terminals had at least several days in storage. Many if not most a week or more.

In that case the gas stations ran dry due to a lack of tanker trucks: no city has enough trucks to haul fuel to EVERY GAS STATION each day. Normally not a problem since all the stations don't run dry in a day or two. But when folks start panic buying they tend to. All that missing fuel was still out there: just in everyone's automobiles. Which is why you see very few if any news stories today about ling lines at stations: folks are burning up all that extra fuel stored in their cars. And now that the CP has started to move again all that fuel has been just sitting in the CP is now refilling all those fuel terminals that were being emptied. But still not enough trucks to refill all those empty stations in a couple of days.

Rockman,

Thanks for the explanation. Makes sense.

Our rental property runs on home heating oil. We have an auto fill contract. In the last 3 years they have run us out twice. The first time for 4 or 5 days. After the first incident I put a 50 gallon aux tank with pump next to the main tank. Ya think I could get one of the tenants to refill it?

The fuel oil company said it was an unexpected cold snap. I was thinking they were messing with the market to get lower prices and got caught short when the cold snap hit.

I try to stay ahead of these things but apparently most people have complete trust in the system.

mousepad wrote:

Newfie wrote:TAKE AWAY:
Control system security is achievable, 100%.

As the old saying goes. Make it 100% secure, make it 100% unusable.

Just need to make it 100% separate from "the great unwashed!", first thing I learnt when going int network security was the only secure computer was one not connected to the internet (back then it was not to even have a network interface of any kind

Dolan;

In a nut shell that is what I was driving at.

dolanbaker wrote:

mousepad wrote:

Newfie wrote:TAKE AWAY:
Control system security is achievable, 100%.

As the old saying goes. Make it 100% secure, make it 100% unusable.

Just need to make it 100% separate from "the great unwashed!", first thing I learnt when going int network security was the only secure computer was one not connected to the internet (back then it was not to even have a network interface of any kind

Only a computer that has no input is secure. And a computer without input is of no use.
A computer not connected to the internet is generally more secure than one that is connected to the internet. Yet it doesn't make it 100% secure.

Anyways. In todays world, disconnected from the internet is a huge burden on usability. Status, control, data gathering and analysis is expected to be distributed and available instantly and everywhere where needed. Not just at the plant (or along the pipeline).

Mousepad,

It all depends upon the system you are working with. My experience was with transit control centers. Because a major vendor in that field also played in nuclear control centers I saw they had similar concerns, but only from a distance.

It is true that a closed system cam be “hacked”, or infected from a thumb drive, and that requires a physical presence.

The vast majority of the data does not need to be distributed. And what is to he distributed can be done by through one way portals.

It is not impossible and proper implementation can be done efficiently. And there is nothing more inefficient than a hacked system.

Now most of my experience is now 10+ years old, but the fundamentals are still the same.