The US energy business should have learnt to be wary of the power of the DarkSide. After numerous warnings, it suffered its most disruptive cyber attack two Fridays ago when the Colonial oil pipeline was shut down after a ransomware attack, suspected to be from this gang. Cyber security needs to be improved but that alone is not enough: the energy industry needs broader resilience to such threats.
The pipeline brings refined oil products – petrol, diesel, heating oil and jet fuel – from the Texas refining complex to meet 45 per cent of consumption on the US East Coast, ultimately supplying New Jersey, New York and other states.
Hackers exfiltrated 100 gigabytes of data and then demanded payment to unencrypt the company's files. Colonial's operational systems were not affected but it shut down pipeline flows – either to prevent further dissemination or, as it now appears, because it could not bill customers. A $5 million ransom was paid to the hackers, according to Bloomberg.
Federal and state governments temporarily waived fuel quality standards and restrictions on hours and weights for road tankers. Traders booked tankers to bring refined products from Europe.
Some refiners were granted exemptions from the Jones Act, an outdated and pernicious law that requires all trade between American ports to be carried out by vessels built and flagged in the US and manned by Americans.
Nevertheless, petrol stations began to run dry: by Thursday evening, according to consumer service Gas Buddy, between half and two thirds of Georgia, Virginia, South and North Carolina were out of fuel. This was exacerbated by limited deliveries from distribution centres as tanker trucks themselves could not secure diesel, as well panic buying.
Indeed, shortages in southern Florida seem mostly to be due to hoarding as the state is primarily supplied by barges, not Colonial's network.
The company resumed pipeline flows on Thursday but it will probably take one to two weeks before service returns to normal in all areas. For the first time in six years, petrol prices rose above $3 a gallon during the interruption but, overall, the effects on demand will be slightly negative.
This is the most disruptive cyber attack in the US to date but far from the first for the energy industry. Electricity and gas pipeline companies have suffered intrusions in recent years that were either aimed at extortion or probing vulnerabilities. The US Department of Energy was one of the victims of the Solarwinds cyber espionage discovered in December.
The famous Stuxnet virus, strongly suspected to be the work of the US and Israel, damaged Iranian centrifuges in 2009 and 2010, setting back its uranium enrichment programme. The National Iranian Oil Company experienced a cyber attack in April 2012. That August, the Shamoon virus, possibly linked to Iran, wiped 30,000 computers at Saudi Aramco.
Several Saudi petrochemical companies have suffered cyber attacks since then while the Ukraine energy grid was also compromised, resulting in power cuts.
These, along with hacks on or by North Korea, are all known geopolitical flash points while growing hostility between the US and China is another. Cyber attacks have great attractions. They are deniable, difficult to identify – making it hard to apprehend perpetrators – while the damage can be gradated short of war. A group such as DarkSide could be a criminal enterprise but it could also be similar to Elizabethan privateers who were licensed by the state to attack its enemies. State agencies could use the cover of extortion attempts to conduct espionage or plant sabotage bugs.
Perhaps the surprise is not how devastating cyber attacks have been but how little damage they have done so far. There has not been serious and prolonged disruption or major physical damage or loss of life. DarkSide’s ransom from Colonial sounds like something Dr Evil would do – disconcerting his henchman by asking for only $1m.
But any of the conflicts mentioned, or others, could turn into more overt confrontations or a hacking group might go too far. Energy infrastructure – essential, exposed, expensive and explosive – is an obvious target.
Surveys suggest that energy cyber security is weak and characterised by inadequate passwords, outdated versions of Microsoft Exchange, employees who are easily duped into clicking on suspicious links, operational systems that are not properly "air-gapped" from the internet and a lack of "war games" to simulate cyber crises.
However, security improvements will not be enough – not against increasingly skilful, well resourced and motivated criminals and state-backed hackers. Digitisation and automation, remote working and operations, drones, the Internet of Things and the electrification of an economy powered by fossil fuels promise greater efficiency, cost savings and environmental gains. But they also expand vulnerabilities.
The Colonial incident exposed several major weaknesses in US energy security. Strategic petroleum stocks are nearly all along the Gulf of Mexico coast and not near other big consumption centres. The East Coast relies on a single system for about half of its petroleum demand. There are no mandatory pipeline cyber security regulations. Logistics faces the circular paradox of needing fuel to deliver fuel. The dead hand of the Jones Act constrains alternatives and there is no way to stop panic buying.
Many other countries would turn out to have similar or deeper flaws when seriously tested. February’s Texas ice storm, although not a cyber attack, highlighted the need to have electricity to deliver gas to generate electricity, and for both to make heat to keep people alive and water flowing.
Greater resilience involves a mix of improved cyber security, tougher infrastructure, duplication and back-ups, diversity of energy sources and delivery methods, more effective regulation and government powers of intervention, better accounting for human behaviour and stronger recovery plans.
Cyber attacks on energy systems will probably become more frequent, more ingenious and more disruptive. Several warnings have passed, fortunately without too much damage, but now it is time to act.
Robin Mills is chief executive of Qamar Energy and author of The Myth of the Oil Crisis
Results
5pm: Maiden (PA) Dh 80,000 (Turf) 1,400m. Winner: Al Ajeeb W’Rsan, Pat Dobbs (jockey), Jaci Wickham (trainer).
5.30pm: Maiden (PA) Dh 80,000 (T) 1,400m racing. Winner: Mujeeb, Fabrice Veron, Eric Lemartinel.
6pm: Handicap (PA) Dh 90,000 (T) 2,200m. Winner: Onward, Connor Beasley, Abdallah Al Hammadi.
6.30pm: Sheikh Zayed bin Sultan Al Nahyan Jewel Crown Prep Rated Conditions (PA) Dh 125,000 (T) 2,200m. Winner: Somoud, Richard Mullen, Jean de Roualle.
7pm: Wathba Stallions Cup Handicap (PA) Dh 70,000 (T) 1,600m. Winner: AF Arrab, Tadhg O’Shea, Ernst Oertel.
7.30pm: Handicap (TB) Dh 90,000 (T) 1,400m. Winner: Irish Freedom, Richard Mullen, Satish Seemar.
A new relationship with the old country
Treaty of Friendship between the United Kingdom of Great Britain and Northern Ireland and the United Arab Emirates
The United kingdom of Great Britain and Northern Ireland and the United Arab Emirates; Considering that the United Arab Emirates has assumed full responsibility as a sovereign and independent State; Determined that the long-standing and traditional relations of close friendship and cooperation between their peoples shall continue; Desiring to give expression to this intention in the form of a Treaty Friendship; Have agreed as follows:
ARTICLE 1 The relations between the United Kingdom of Great Britain and Northern Ireland and the United Arab Emirates shall be governed by a spirit of close friendship. In recognition of this, the Contracting Parties, conscious of their common interest in the peace and stability of the region, shall: (a) consult together on matters of mutual concern in time of need; (b) settle all their disputes by peaceful means in conformity with the provisions of the Charter of the United Nations.
ARTICLE 2 The Contracting Parties shall encourage education, scientific and cultural cooperation between the two States in accordance with arrangements to be agreed. Such arrangements shall cover among other things: (a) the promotion of mutual understanding of their respective cultures, civilisations and languages, the promotion of contacts among professional bodies, universities and cultural institutions; (c) the encouragement of technical, scientific and cultural exchanges.
ARTICLE 3 The Contracting Parties shall maintain the close relationship already existing between them in the field of trade and commerce. Representatives of the Contracting Parties shall meet from time to time to consider means by which such relations can be further developed and strengthened, including the possibility of concluding treaties or agreements on matters of mutual concern.
ARTICLE 4 This Treaty shall enter into force on today’s date and shall remain in force for a period of ten years. Unless twelve months before the expiry of the said period of ten years either Contracting Party shall have given notice to the other of its intention to terminate the Treaty, this Treaty shall remain in force thereafter until the expiry of twelve months from the date on which notice of such intention is given.
IN WITNESS WHEREOF the undersigned have signed this Treaty.
DONE in duplicate at Dubai the second day of December 1971AD, corresponding to the fifteenth day of Shawwal 1391H, in the English and Arabic languages, both texts being equally authoritative.
Signed
Geoffrey Arthur Sheikh Zayed
Jetour T1 specs
Engine: 2-litre turbocharged
Power: 254hp
Torque: 390Nm
Price: From Dh126,000
Available: Now
Museum of the Future in numbers
- 78 metres is the height of the museum
- 30,000 square metres is its total area
- 17,000 square metres is the length of the stainless steel facade
- 14 kilometres is the length of LED lights used on the facade
- 1,024 individual pieces make up the exterior
- 7 floors in all, with one for administrative offices
- 2,400 diagonally intersecting steel members frame the torus shape
- 100 species of trees and plants dot the gardens
- Dh145 is the price of a ticket
Tips to avoid getting scammed
1) Beware of cheques presented late on Thursday
2) Visit an RTA centre to change registration only after receiving payment
3) Be aware of people asking to test drive the car alone
4) Try not to close the sale at night
5) Don't be rushed into a sale
6) Call 901 if you see any suspicious behaviour
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3ECompany%20name%3A%3C%2Fstrong%3E%203S%20Money%3Cbr%3E%3Cstrong%3EStarted%3A%3C%2Fstrong%3E%202018%3Cbr%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20London%3Cbr%3E%3Cstrong%3EFounders%3A%3C%2Fstrong%3E%20Ivan%20Zhiznevsky%2C%20Eugene%20Dugaev%20and%20Andrei%20Dikouchine%3Cbr%3E%3Cstrong%3ESector%3A%3C%2Fstrong%3E%20FinTech%3Cbr%3E%3Cstrong%3EInvestment%20stage%3A%3C%2Fstrong%3E%20%245.6%20million%20raised%20in%20total%3C%2Fp%3E%0A
BACK%20TO%20ALEXANDRIA
%3Cp%3E%3Cstrong%3EDirector%3A%20%3C%2Fstrong%3ETamer%20Ruggli%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStarring%3A%20%3C%2Fstrong%3ENadine%20Labaki%2C%20Fanny%20Ardant%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3A%20%3C%2Fstrong%3E3.5%2F5%3C%2Fp%3E%0A
BMW M5 specs
Engine: 4.4-litre twin-turbo V-8 petrol enging with additional electric motor
Power: 727hp
Torque: 1,000Nm
Transmission: 8-speed auto
Fuel consumption: 10.6L/100km
On sale: Now
Price: From Dh650,000
UAE squad
Esha Oza (captain), Al Maseera Jahangir, Emily Thomas, Heena Hotchandani, Indhuja Nandakumar, Katie Thompson, Lavanya Keny, Mehak Thakur, Michelle Botha, Rinitha Rajith, Samaira Dharnidharka, Siya Gokhale, Sashikala Silva, Suraksha Kotte, Theertha Satish (wicketkeeper) Udeni Kuruppuarachchige, Vaishnave Mahesh.
UAE tour of Zimbabwe
All matches in Bulawayo
Friday, Sept 26 – First ODI
Sunday, Sept 28 – Second ODI
Tuesday, Sept 30 – Third ODI
Thursday, Oct 2 – Fourth ODI
Sunday, Oct 5 – First T20I
Monday, Oct 6 – Second T20I
Who's who in Yemen conflict
Houthis: Iran-backed rebels who occupy Sanaa and run unrecognised government
Yemeni government: Exiled government in Aden led by eight-member Presidential Leadership Council
Southern Transitional Council: Faction in Yemeni government that seeks autonomy for the south
Habrish 'rebels': Tribal-backed forces feuding with STC over control of oil in government territory
Related
Tamkeen's offering
- Option 1: 70% in year 1, 50% in year 2, 30% in year 3
- Option 2: 50% across three years
- Option 3: 30% across five years
RESULTS - ELITE MEN
1. Henri Schoeman (RSA) 57:03
2. Mario Mola (ESP) 57:09
3. Vincent Luis (FRA) 57:25
4. Leo Bergere (FRA)57:34
5. Jacob Birtwhistle (AUS) 57:40
6. Joao Silva (POR) 57:45
7. Jonathan Brownlee (GBR) 57:56
8. Adrien Briffod (SUI) 57:57
9. Gustav Iden (NOR) 57:58
10. Richard Murray (RSA) 57:59
Notable Yas events in 2017/18
October 13-14 KartZone (complimentary trials)
December 14-16 The Gulf 12 Hours Endurance race
March 5 Yas Marina Circuit Karting Enduro event
March 8-9 UAE Rotax Max Challenge
More on Palestine-Israeli relations
CHINESE GRAND PRIX STARTING GRID
1st row
Sebastian Vettel (Ferrari)
Kimi Raikkonen (Ferrari)
2nd row
Valtteri Bottas (Mercedes-GP)
Lewis Hamilton (Mercedes-GP)
3rd row
Max Verstappen (Red Bull Racing)
Daniel Ricciardo (Red Bull Racing)
4th row
Nico Hulkenberg (Renault)
Sergio Perez (Force India)
5th row
Carlos Sainz Jr (Renault)
Romain Grosjean (Haas)
6th row
Kevin Magnussen (Haas)
Esteban Ocon (Force India)
7th row
Fernando Alonso (McLaren)
Stoffel Vandoorne (McLaren)
8th row
Brendon Hartley (Toro Rosso)
Sergey Sirotkin (Williams)
9th row
Pierre Gasly (Toro Rosso)
Lance Stroll (Williams)
10th row
Charles Leclerc (Sauber)
arcus Ericsson (Sauber)
Desert Warrior
Starring: Anthony Mackie, Aiysha Hart, Ben Kingsley
Director: Rupert Wyatt
Rating: 3/5
More from Rashmee Roshan Lall
Three ways to limit your social media use
Clinical psychologist, Dr Saliha Afridi at The Lighthouse Arabia suggests three easy things you can do every day to cut back on the time you spend online.
1. Put the social media app in a folder on the second or third screen of your phone so it has to remain a conscious decision to open, rather than something your fingers gravitate towards without consideration.
2. Schedule a time to use social media instead of consistently throughout the day. I recommend setting aside certain times of the day or week when you upload pictures or share information.
3. Take a mental snapshot rather than a photo on your phone. Instead of sharing it with your social world, try to absorb the moment, connect with your feeling, experience the moment with all five of your senses. You will have a memory of that moment more vividly and for far longer than if you take a picture of it.
