Possible cyber and bomb attacks plague Canadian oil pipelines
Canadian oil pipelines, oil storage and shipment facilities are at risk of cyber espionage and attacks according to the country’s main spy agency.
A recently obtained leaked document, originally published last May by the Canadian Security Intelligence Service (CSIS), highlighted the heightened risk in the energy sector, where opposition to pipelines has ramped up in Canada. The country is currently home to the world’s third-largest oil reserves.
In the document, which features speaking notes prepared for a CSIS briefing with energy and utilities sector stakeholders, an unidentified official specifies a threat from foreign state-owned firms looking for confidential information about investments or takeovers.
“You should expect your networks to be hit if you are involved in any significant financial interactions with certain foreign states,” the official said in the document while claiming that evidence of such espionage has been found in the past.
The document, parts of which were obscured for security reasons, did not show the foreign states whose companies may be linked to industrial espionage or their purported Canadian victims.
In June 2015, several Canadian government websites and servers were brought down for several hours in a cyber-attack with internet group Anonymous later claiming responsibility.
A spokeswoman for Public Safety Canada, which oversees CSIS, said there has been “growth in attempted cyber-attacks”, but declined to comment on specific incidents or threats, citing the demands of privacy and national security.
In 2012, CSIS told the government that takeovers by Chinese companies may threaten national security. At the time, China’s state-owned CNOOC had bid for Canadian producer Nexen.
The document also warned the sector was “vulnerable to explosives” and identified potential targets. In the document, the CSIS official referred to “terrorist attacks” since 2014 in Canada and abroad, saying even large-scale attacks are “technically simple”.
Last year, five oil pipelines carrying Canadian crude in the US were halted in coordinated attacks by environmental protesters, showing the ease with which people with no technical expertise can disrupt the industry.
Energy companies already use surveillance cameras, helicopters, remote sensors and drones to monitor some 119,000km of pipelines across Canada, carrying 3.4 million barrels of crude a day, and have an agreement to collaborate during an emergency.
But security experts and energy industry officials have said it is impossible to lower the threat to zero.
Last week, vandals used on-site equipment to damage a pipeline under construction in Canada’s oil heartland of Alberta.
Asked about the document, CSIS spokeswoman Tahera Mufti did not address details about the industry meeting or the briefing official’s description of physical threats to Canada’s energy infrastructure.
She said only that the agency’s overall threat assessment for the energy sector has remained constant, and that the sector is a target globally for cyber-attacks. Detecting such threats is a “key national security priority”, she said.
Major energy infrastructure companies in Canada, including TransCanada Corp and Enbridge, declined to say whether they sent representatives to the meeting.
The Canadian Energy Pipeline Association, which includes major pipeline companies but did not attend the meeting, said its members have a “robust cyber security program” to prevent espionage.
In November, Canada pledged to end the use of coal in electricity generation by 2030 in line with its commitment to the Paris climate change agreement which could further heighten the importance of oil security for its energy networks.