While the EDI systems may be entry points for hackers, they are likely not the ultimate target, said Jim Guinn, managing director and global cybersecurity leader for energy, utilities, chemicals and mining at Accenture PLC, a technology consulting company.
“There is absolutely nothing of intrinsic value for someone to infiltrate the EDI other than to navigate a network to do something more malicious,” Guinn said by telephone Tuesday. “All bad actors are looking for a way to get into the museum to go steal the Van Gogh painting.”
He also said there is nothing inherently different about oil and gas EDI systems.
US oil and gas pipelines have previous been seen as attractive cyber attack targets:
This isn’t the first time U.S. pipelines have been targeted. In 2012, a federal cyber response team said in a note that it had identified a number of “cyber intrusions” targeting natural gas pipeline sector companies. The group, the Industrial Control Systems Cyber Emergency Response Team, is a division of Homeland Security.
“It’s important to recognize that this does not appear to be an attack on an operational system,” said Cathy Landry, a spokeswoman for the Interstate Natural Gas Association of America. “An attack on a network certainly is inconvenient and can be costly, and something any company – whether a retailer, a bank or a media company — wants to avoid, but there is no threat to public safety or to natural gas deliveries.”