Journal of Energy Security

Text size
  • Increase font size
  • Default font size
  • Decrease font size
Home Lighthouse

Lighthouse: Energy Security Thoughts & Snippets

Al Qaeda Document Targets Energy Infrastructure On Land and Underwater

From the Telegraph

The document, written by al-Qaeda planner Younis al-Mauretani, suggests planting recruits in jobs which could later be useful in attacks, such as oil or gas transportation, and directing supporters to study chemistry and physics. [...]

 Al-Mauretani identifies the massive petrochemical facility at Abqaiq in Saudi Arabia as a potential target for aerial attack.

The 17-page document includes a suggestion that al-Qaeda should use submarines to explore the layout of underwater gas pipelines, in order to mine them. This idea is given serious consideration in the document which notes that the pipelines have safety valves every 6 miles that need to be taken into account when planting mines. 

 

 

Chavez, Venezuela, and the oil market

CNBC:

Gal Luft, co-director at the Institute for the Analysis of Global Security and a senior adviser to the U.S. Energy Security Council said that though a Chavez departure may already be well factored into prices, it won't "translate into market calmness before it is clear what the nature of the new leadership is."

Clarity over who will be running state-oil producer PDVSA will be equally important, Luft said. "The company has been battered by terribly ineffective personnel changes and removal of competent leadership which has been replaced by political appointees," he said. "Once we begin to see changes in the company's leadership, reflecting professionalism and competence, that could mean the company is making a U-turn, becoming attractive for investors."

Meanwhile, a former executive at PDVSA told CNBC that Venezuela has lost its ability to influence global oil markets because years of under investment in the OPEC (Organization of Petroleum Exporting Countries) member's petroleum industry has constrained production.

"Venezuela is a weak OPEC hawk, as it has no sufficient production to influence prices," said Gustavo Coronel, a founding member of the board of state-oil firm Petroleos de Venezuela. "Venezuela is no longer a factor that can really upset the markets as it was the case 20 years ago."

Gustavo Coronel outlined in the July 2012 JES what it will take for PDVSA to recover

Energy frontiers in North America

Energy frontiers in North America

Bomb disables Iraq fuel oil pipeline

From Reuters, via the Lebanese Daily Star

Once again, terrorists have targeted the vulnerable energy sector. 

Attackers bombed and disabled a pipeline carrying fuel oil from Iraq's largest refinery to a province north of Baghdad, the oil ministry said on Sunday.

 "A bomb attack led to an explosion in the 16-inch pipeline transporting fuel oil from Baji refinery to Nineveh province," said ministry spokesman Asim Jihad.

US Administration’s Strategy to Mitigate the Theft of U.S. Trade Secrets

From the White House 

Victoria Espinel, the U.S. Intellectual Property Enforcement Coordinator, announced the launch of a new strategy to protect intellectual property. She cited President Obama's State of the Union Address in which he said,  “we cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.”

The Strategy that we are releasing today coordinates and improves U.S. Government efforts to protect the innovation that drives the American economy and supports jobs in the United States. As the Strategy lays out, we are taking a whole of government approach to stop the theft of trade secrets by foreign competitors or foreign governments by any means – cyber or otherwise.

President Obama's Cybersecurity Executive Order

From the White House

In his 2013 State of the Union address, President Barack Obama emphasized the importance of securing our energy systems from cyber attacks. 

America must also face the rapidly growing threat from cyber-attacks. Now, we know hackers steal people’s identities and infiltrate private emails. We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.

And that’s why, earlier today, I signed a new executive order that will strengthen our cyber defenses by increasing information sharing, and developing standards to protect our national security, our jobs, and our privacy.

But now Congress must act as well, by passing legislation to give our government a greater capacity to secure our networks and deter attacks. This is something we should be able to get done on a bipartisan basis.

The full text of the Executive Order

 

 

Securing Afghan Energy Supplies from Attack

From the US Army
 
Frank Kendall, undersecretary of defense for acquisitions, technology and logistics, and Gary J. Motsek, deputy assistant secretary of defense (Program Support) were in Afghanistan last week, reviewing operational energy security strategies. 
 
The Persistent Threat Detection System, or PTDS, is fielded by Program Executive Office Intelligence Electronic Warfare & Sensors, and personnel manning the systems fall under the 401st. 

"PTDS is a large aerostat tethered to a mooring platform, which is accompanied by a Ground Control Station," Lt. Col. Michael Parodi, product manager for Meteorological and Target Identification Capabilities, was quoted as saying in an article published Jul. 2, 2012. "The system is equipped with both visual and audio surveillance technology and acts as a force multiplier for commanders on the ground."

Parodi added that PTDS can be utilized to scan large areas for potential insurgent activity while interacting with various sensors to provide a complete picture of potential threats.

White House to issue cybersecurity order Wednesday

From The Hill

With the State of the Union approaching this evening at 9pm, Cybersecurity is sure to play a role. The Hill reports anticipation that the President will follow up the SOTU with an announcement on cybersecurity.

The White House is poised to release an executive order aimed at thwarting cyberattacks against critical infrastructure on Wednesday, two people familiar with the matter told The Hill.

The highly anticipated directive from President Obama is expected to be released at a briefing Wednesday morning at the U.S. Department of Commerce, where senior administration officials will provide an update about cybersecurity policy.

The executive order would establish a voluntary program in which companies operating critical infrastructure would elect to meet cybersecurity best practices and standards crafted, in part, by the government. 

Observers are expecting the president to briefly mention the need for the country to improve its defenses against cyberattacks during his State of the Union address on Tuesday. 

According to The Hill, White House Cybersecurity Coordinator Michael Daniel, Commerce Department Deputy Secretary Rebecca Blank, Department of Homeland Security Deputy Secretary Jane Holl Lute and National Security Agency Director Gen. Keith Alexander may participate in Wednesday’s briefing.   

Pirates Seize Oil Tanker in Ivory Coast

From Voice of America:

Armed men have hijacked a tanker carrying 5,000 tons of oil from a port in Ivory Coast. [...]

A total of five incidents were reported off Ivory Coast in 2012, up from one the previous year. In October, suspected Nigerian pirates seized a tanker carrying more than 30,000 tons of gasoline off the coast of Abidjan, the first reported hijacking in the country.

 

World Politics Review: Why Energy Terrorism is Nothing New and Hard to Stop

From World Politics Review

Anne Korin was interviewed on the attractiveness of the energy sector for terrorists: 

In mid-January, militants raided Algeria’s In Amenas gas field, sparking a crisis that ended with the deaths of at least 37 hostages. Anne Korin, co-director of the Institute for the Analysis of Global Security, an energy security research organization, explained in an email interview why the oil and gas industry is an attractive target for terrorists.

 

Africa's Energy Facilities Could Face More Sophisticated Attacks

From Voice of America

IAGS' Dr. Gal Luft was interviewed in a report on the the relationship between energy security and oil costs.

Gal Luft, an energy expert, said cyber attacks are a growing concern for energy companies.

"As cyber terrorists realize the vulnerability, they may improve their technical sophistication and eventually develop capabilities that could wreak havoc in global oil and gas markets," said Luft.

So far, the most serious cyber attacks have been aimed at power grids  rather than at oil or gas production. Luft said, however, that could change.

Meantime, oil prices that spiked right after the Algeria attack remain high.

 

EU Cybersecurity Strategy Under Fire

From IT Management:

February 05, 2013, 10:41 AM — The European Commission's long-awaited Cyber Security Strategy will be presented on Thursday and as written, it would force private companies, so-called "enablers of information society services," to report all data breaches or cyber security incidents to national authorities.

With leaked drafts of the text circulating in Brussels, the strategy has come under fire before it has even been formally announced. Industry leaders are worried that extending the scope of reporting mandates could harm business, while European digital rights group EDRi said that the move would give national authorities access to "sufficient information from almost everyone online" in breach of the European Convention on Human Rights. [...]

The Commission draft text says that "synergies between civilian and military approaches in protecting critical cyber assets should be enhanced" and adds that the Budapest convention on cybercrime should serve as a model for future plans. But, said the official, "we are not China, we are not trying to use cyber security to control what is on the web."

Read More

 

 

Vulnerable: Persian Gulf Marine Security

From Defense Systems:

In one of the first visible effects on force readiness of the looming threat of across-the-board budget cuts scheduled to go into effect next month, the  Defense Department has delayed the deployment of the aircraft carrier USS Harry S. Truman and USS Gettysburg to the Persian Gulf.

The two vessels were scheduled to depart Norfolk, Va., this week for the U.S. Central Command area of responsibility.

Read more

Department of Energy Hacked

From CSO:

Bill Gertz, of The Washington Free Beacon, reported Monday that unnamed Energy Department officials confirmed that there had been an attack on servers at the agency's Washington headquarters about two weeks ago.

Gertz reported that the sources told him that 14 computer servers and 20 workstations were penetrated, that personally identifiable information of several hundred employees was compromised, but that no classified information was exposed.

Read More

 

Buildings Vulnerable to Cyberattack

From Reuters

SAN JUAN, Puerto Rico, Feb 5 (Reuters) - A widely used system for controlling electricity, heating and other systems inside buildings remains vulnerable to attacks over the Internet, despite warnings from U.S. officials, researchers said on Tuesday.

The Niagara control system from Honeywell International Inc's Tridium division are configured to connect to the Internet by default, even though that is not necessary for them to function, two researchers from security firm CyLance said at a security conference in San Juan, Puerto Rico.

 

In their presentation, the two researchers showed that some 21,000 Niagara systems used at hospitals and other facilities can currently be accessed via the public Internet, using a specialized search engine known as Shodan.

Read MOre

 

Aerospace and Defense Targeted by Advanced Persistent Threat

From FireEye blog:

FireEye discovered an APT campaign consistently targeting companies in the aerospace and defense industries. The campaign has been in effect for sometime now.

We have seen this campaign use both email and drive-by downloads as a means of infecting end users. The threat actor has consistently used attachment names of documents/white papers released by well-known companies. The malicious email attachment exploits some common vulnerabilities in PDF and DOC files.

[...] this campaign has been targeting companies in the Aerospace and Defense vertical in waves. There is no specific pattern to this attack, we have seen days on which multiple weaponized emails were sent to several companies, and on other days we observed that the threat actor sent only one email to a specific target organization. The chart below shows Beebus attacks in the last year.

Read More

 

 

Preemptive Cyberstrikes Loom

From the New York Times:

A secret legal review on the use of America’s growing arsenal of cyberweapons has concluded that President Obama has the broad power to order a pre-emptive strike if the United States detects credible evidence of a major digital attack looming from abroad, according to officials involved in the review. 

That decision is among several reached in recent months as the administration moves, in the next few weeks, to approve the nation’s first rules for how the military can defend, or retaliate, against a major cyberattack. New policies will also govern how the intelligence agencies can carry out searches of faraway computer networks for signs of potential attacks on the United States and, if the president approves, attack adversaries by injecting them with destructive code — even if there is no declared war.

The rules will be highly classified, just as those governing drone strikes have been closely held. John O. Brennan, Mr. Obama’s chief counterterrorism adviser and his nominee to run the Central Intelligence Agency, played a central role in developing the administration’s policies regarding both drones and cyberwarfare, the two newest and most politically sensitive weapons in the American arsenal.  

Read More 

What To Do About Chinese Cyber Espionage?

From the Council on Foreign Relations:

A few days after the New York Times, Wall Street Journal, and Washington Post all admitted that their computer networks had been attacked, apparently by China-based hackers, it seems fair to say that both sides agree the “naming and shaming” approach to the problem is not working. The United States can call China out, but it has no real affect on behavior.

In one of the interviews she did in her last days as secretary of state, Hillary Clinton said that “We have to begin making it clear to the Chinese—they’re not the only people hacking us or attempting to hack us—that the United States is going to have to take action to protect not only our government, but our private sector, from this kind of illegal intrusions.”  

Read More 

The Start of the Cyber Cold War?

From CNAS:
 
In his commentary The Internet Yalta, Alexander Klimburg, Fellow and Senior Adviser at the Austrian Institute for International Affairs, argues that the December 2012 meeting of the World Conference on International Telecommunications (WCIT) may be the digital equivalent of the February 1945 meeting of the Allied powers in Yalta: the beginning of a long Internet Cold War between authoritarian and liberal-democratic countries. Klimburg contends that the battles over Internet governance that surfaced at WCIT are not just about competing visions of the Internet: They are also about two different visions of political power.
 

Chinese Military Connection to NY Times Attack

From Wired and New York Times

The New York Times has been hacked, prompted by an investigation by the New York Times into the amassed fortune of Chinese Prime Minister Wen Jiabao's family. 

The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. They apparently used the same university computers that hackers working for the Chinese military used previously to attack Defense Department contractors.

Security experts found evidence that the hackers stole the corporate passwords for every Times employee and used those to gain access to the personal computers of 53 employees, most of them outside The Times’s newsroom. Experts found no evidence that the intruders used the passwords to seek information that was not related to the reporting on the Wen family.

During the three months they were in the paper’s network, the attackers installed 45 pieces of custom malware, though nearly all of it went undetected. Although the newspaper uses antivirus products made by Symantec, the monitoring software identified and quarantined only one of the attacker’s tools during that time, according to the report.

Michael Higgins, chief security officer at The Times, said: “Attackers no longer go after our firewall. They go after individuals. They send a malicious piece of code to your e-mail account and you’re opening it and letting them in.”

In Amenas Attack Predicted in Advance

From CNBC
Exclusive Analysis, a London-based risk assessor and forecaster, warned twice last year that oil and gas assets in southern Algeria and foreign personnel employed there could be the target of kidnapping and attacks by Jihadist militants.

In an ominously near-accurate prediction, intelligence experts at the firm referred to the In Amenas gas plant by name, warning foreign employees working there "would be at risk" from kidnapping for ransom.

[...]"Weeks before September 11 the U.S. intelligence warned against plane hijacking but the White House couldn't address the threat appropriately because it wasn't specific enough," said Dr. Gal Luft, a senior adviser to the United States Energy Security Council and a former lieutenant colonel in the Israel Defense Forces.

"Issuing a warning is easy; acting on them is a whole different matter," Luft added. "My main takeaway from the episode is the importance of better coordination between private and public sectors in such energy compounds. Our experience shows that many of the attacks are aided by insiders who are not sufficiently vetted."

Page 3 of 5

Videos

US Energy Security Council RT discussion

New Books

Petropoly: the Collapse of America's Energy Security Paradigm
Energy Security Challenges for the 21st Century

"Remarkable collection spanning geopolitics, economy and technology. This timely and comprehensive volume is a one stop shop for anyone interested in one of the most important issues in international relations."
U.S. Senator Richard G. Lugar


"A small masterpiece -- right on the money both strategically and technically, witty, far-sighted, and barbeques a number of sacred cows. Absolutely do not miss this."
R. James Woolsey, Former CIA Director

"The book is going to become the Bible for everyone who is serious about energy and national security."
Robert C. McFarlane, Former U.S. National Security Advisor
Russian Coal: Europe's New Energy Challenge
Banner
Banner
Banner
Banner