Posts Tagged ‘oil and gas’
Friday, July 11, 2014 @ 04:07 PM gHale
If this doesn’t convince all that security is necessary, then nothing will: Almost 70 percent of companies surveyed responsible for the world’s power, water and other critical functions have reported at least one security breach that led to the loss of confidential information or disruption of operations in the past year.
Of the 599 security executives at utility, oil and gas, energy and manufacturing companies, 64 percent of respondents anticipated one or more serious attacks in the coming year, according to the report conducted by Unisys and the Ponemon Institute. Despite this risk, only 28 percent ranked security as one of the top five strategic priorities for their organization. Flying in the face of one of the major reasons to users should implement security, a majority of those surveyed said their top business priority is minimizing downtime.
“The findings of the survey are startling, given that these industries form the backbone of the global economy and cannot afford a disruption,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “While the desire for security protection is apparent among these companies, not nearly enough is actually being done to secure our critical infrastructure against attacks.”
Only one in six respondents describe their organization’s IT security program or activities as mature. Respondents who reported suffering a data breach within the past year most often attributed these breaches to an internal accident or mistake, and negligent insiders were the most cited threat to company security. Despite these findings, only six percent of respondents said they provide cybersecurity training for all employees.
“Whether malicious or accidental, threats from the inside are just as real and devastating as those coming from the outside,” said Dave Frymier, chief information security officer at Unisys. “We hope the survey results serve as a wake-up call to critical infrastructure providers to take a much more proactive, holistic approach to securing their IT systems against attacks. Action should be taken before an incident occurs, not just after a breach.”
The survey also highlighted the concerns many of these executives feel regarding the security of industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems, which monitor and control the processes and operations for power generation and other critical infrastructure functions.
When asked about the likelihood of an attack on their organizations’ ICS or SCADA systems, 78 percent of the senior security officials responded that a successful attack is at least somewhat likely within the next 24 months. Just 21 percent of respondents thought that the risk level to ICS and SCADA has substantially decreased because of regulations and industry-based security standards, which appears to mean tighter controls and better adoption of standards, along with vigilance, are ingredients to the recipe for success.
Click here for the full report.
Monday, January 13, 2014 @ 06:01 PM gHale
British oil and gas engineering firm Amec will pay $3.13 billion to pick up Swiss-based rival Foster Wheeler.
Amec said the deal would increase its position and help more than double revenues in growing markets such as Latin America and the Middle East.
The firm, which provides services and equipment for the oil and gas, mining, nuclear and renewable energy sectors, said the acquisition would also add oil and gas transport and refining capabilities to its existing extraction facilities.
Larger European contractors have been looking for acquisitions which they believe would help them expand into new regions such as Africa and newer areas such as liquefied natural gas (LNG) and shale.
Amec expects a 10 percent boost in earnings in the first 12 months after the acquisition, with returns on its investment to exceed the cost of capital in the second year.
It said the deal would also create annual cost savings of at least $75 million.
“The combination of our two businesses, Amec and Foster Wheeler, would be financially and strategically attractive,” Chief Executive Samir Brikho said.
Foster Wheeler provides engineering services and power generator equipment to the LNG, oil and gas and petrochemical sectors.
Foster Wheeler will hold shares in Amec after the deal’s completion representing 23 percent of the enlarged company, and Amec will seek a U.S. listing in connection with the transaction, the companies said.
The deal should close in the second half of this year.
Tuesday, November 5, 2013 @ 11:11 AM gHale
By Gregory Hale
The manufacturing automation industry has to take cyber security more seriously than it currently does.
“I really hope it doesn’t take a major incident to have the industry take security more seriously than it currently does,” said Darius Adamczyk, president and chief executive at Honeywell Process Solutions during his keynote address today at the EMEA Honeywell User Group (HUG) in Nice, France. “I hope this doesn’t happen to me is not a viable defense.”
The idea the industry is aware they need to understand cyber security, but doesn’t know where to start is not surprising – and believe it or not it is a sign of moving forward. It is a slow movement, but it is movement nonetheless.
How serious is the problem?
Adamczyk quoted Former Homeland Security Department Director Michael Chertoff, who spoke at an executive summit Honeywell conducted last month, saying “The single biggest threat we face is not terrorist activity, it is cyber security.”
“Cyber security is one of the most interesting areas and one we don’t take seriously enough,” he said.
Adamczyk also talked about how security can be a safety issue also.
“Safety is the single most important thing we do, whether providing safety for the process or preventing intruders on the site, cyber security is another part of safety.”
Adamczyk also talked about other initiatives and industry trends in the industry.
In terms of energy production, he said we are going through transformational times.
There has been a spike in production in the U.S. with unconventional energy. In addition, he said the North Sea is declining in production, but with some new innovations he said there could be a rebound.
In terms of regions producing energy, he said Western Europe closed 14 refineries since 2008. He said the former Soviet Union saw an increase in capacity. Middle East saw a substantial increase in capacity and national oil companies are getting more aggressive in investments. “There has been quite a change in who is making the investments.”
Mining is going through a rough time and the main reason for that is the slowdown in China. Pulp and paper, he said, has some interesting developments going on with negative growth rates predicted for North America, Western Europe and Japan, but positive growth rates in India and China.
Safety, just looking at some UK numbers which Adamczyk said is a good indicator, “safety is improving; fatalities have dropped. That is the good news. The bad news is safety has plateaued and that is a troubling trend.”
When talking about safety, the number one cause of safety incidents is operator error, Adamczyk said. That is where training and simulation programs come into play.
“It is paramount to us to provide a safe work environment,” he said.
There is one fundamental difference between safety and security and that is users can place a safety system in and know it will be working over a period of time. Yes, there has to be maintenance, but the system will be in and running. Security, though, is a very dynamic environment.
“Cyber threats change daily, monthly, and yearly,” Adamczyk said. “If you think you can put something in and you will be safe, think again.”
Thursday, August 8, 2013 @ 06:08 PM gHale
The threat toxic and combustible gases pose to the safety of plant personnel and nearby communities continues to draw intense attention.
Several catastrophic accidents, such as the Pike River mine explosion in New Zealand, have given industrial safety more prominence in the public consciousness and spurred demand for safety systems and safety instrumentation like toxic and combustible gas detectors.
The Pike River Mine disaster was a November 19, 2010 coal mining accident that began on November 2010 in the West Coast Region of New Zealand’s South Island. An explosion occurred in the mine at approximately 3:44 p.m. At the time of the explosion 31 miners and contractors were in the mine. Two miners managed to walk away, treated for injuries. The remaining 16 miners and 13 contractors, were around 5,000 feet from the mine’s entrance.
Following a second explosion on November 24 at 2:37 p.m., police believed the 29 remaining men died. Police Superintendent Gary Knowles, officer in command of the rescue operation (Operation Pike) said he believed that “based on that explosion, no one survived.” A third explosion occurred at 3:39 p.m. on November 26, and a fourth explosion occurred just before 2 p.m. on November 28.
Compliance with increasingly tough safety regulations will remain a major factor driving investment in safety systems and toxic gas detectors among oil and gas, refining, petrochemical and mining customers.
With that in mind, the worldwide market for toxic and combustible gas detectors will continue to grow next year according to a new ARC Advisory Group study.
“Protection of human lives and plant assets is critical to all organizations and that is why, even though the economic recovery has slowed down in recent years, we still expect the gas detection market to grow,” said ARC Advisory Group Analyst Inderpreet Shoker, the principal author of ARC’s “Toxic and Combustible Gas Detector Global Market Research Study.”
The toxic and combustible gas detectors market consists of hundreds of companies, with small niche suppliers and those with more product lines, systems, and strong service capabilities. However, going forward ARC sees a strong trend toward consolidation.
Large suppliers are acquiring small manufacturers to increase their market share. Acquisition helps them to expand product lines and foray into new markets by acquiring new technologies. The market is also observing new entrants through acquisitions.
Hyperspectral and infrared cameras are among the newer technologies gaining wider acceptance in recent times. These cameras can visualize various toxic and combustible gases to produce a picture of the scanned area in real-time. Well suited for detection of various types of volatile organic compounds (VOCs), these cameras are becoming an attractive option for industries such as chemical and water & wastewater.
With China and India as the growth engines, Asia represents the greatest opportunity for greenfield projects for gas detector suppliers.
However, in these developing markets enforcement of regulations sometimes slides. As a result, users tend to be less concerned about reliability than about cost. With safety issues becoming a major point of concern for the governments of these countries, ARC sees this trend changing in future. Quite a few developing countries are taking measures to improve the implementation to address rising safety issues. As a result, end users in these regions have started to overlook the cost and pay more importance to reliability and performance of the detectors.
Monday, April 8, 2013 @ 06:04 PM gHale
In a move to boost its presence in the energy business, General Electric Co. will pay $3.3 billion to acquire oilfield services provider Lufkin Industries Inc.
GE, the world’s biggest maker of jet engines and electric turbines, has expanded in the energy industry with a series of acquisitions of companies that make equipment used in oil and gas production.
The company has spent about $11 billion in acquisitions since 2007 to boost its presence in the oil and gas business, which is the conglomerate’s fastest-growing. That sector contributes about 10 percent of GE’s total revenue.
Lufkin will broaden GE’s artificial lift capabilities beyond electric submersible pumps.
Artificial lift refers to the use of external means to help lift hydrocarbons to the surface in reservoirs with low pressure, as well as to improve the efficiency of naturally flowing wells.
“The artificial lift segment is at the heart of critical changes that are helping producers maximize well potential, which translates into increased output at lower operational cost,” Daniel C. Heintzelman, chief executive of GE Oil & Gas.
The global artificial lift sector should approach $13 billion in 2013, according to Spears & Associates, GE said.
Lufkin’s fourth-quarter profit beat analysts’ estimates on demand for its pumping equipment from companies operating in energy-rich shale fields such as Bakken and Eagle Ford, despite a slowdown in overall drilling activity.
However, the company estimated that a slow recovery in the stalled U.S. onshore drilling will dent profits this quarter.
The acquisition, which is for $2.98 billion actually comes to $3.3 billion including debt, should close in the second half of 2013.
Monday, February 18, 2013 @ 12:02 PM gHale
French oil giant, Total, gave its version of the causes of the major North Sea natural gas leak, which shut down production on the company’s flagship Elgin-Franklin North Sea field for almost a year.
At the time of the leak, in March 2012, gas from the Elgin-Franklin complex accounted for about seven percent of British production.
The leak last March had been due to corrosion stress cracking caused by a reaction between grease on the threads of the well casing and bromine used in the fluid inside the well, said Patrice de Vivies, the company’s senior vice president for exploration and production for northern Europe.
In addition, a gas layer called Hod, which was 1,000 meters or about 3,300 feet above the Fulmar gas layer tapped by the well, unexpectedly began producing oil and gas, possibly because production of the lower layer affected it. He called this set of circumstances “unique.”
“It is impossible to forecast this type of incident,” de Vivies said.
Total evacuated 238 workers from the Elgin platform, about 240 kilometers or about 150 miles from Aberdeen in Scotland, after they found the leak. The platform serves a complex of fields. There was a danger the gas could catch fire, leading to a catastrophic incident. The well, known as G4, ended up plugged about two months later. The incident caused no injuries.
At the time of the shutdown, Elgin-Franklin was producing the equivalent of 140,000 barrels of oil per day in gas and liquids, making it a very large field.
de Vivies said the company had submitted plans late last year for restarting the field and it expected British authorities to accept them shortly. The company then plans to bring the field back online gradually, starting with four wells compared to 14 at the time of the incident. He said he expected production by year-end to be 70,000 barrels per day, or half of what it was at the time of the leak. By 2016, the company’s should take production levels above 140,000 barrels per day, he said.
Total had learned lessons from the leak in a field in which the gas is under high pressure and high temperature, and that the company would be more conservative about how it operated in the future, de Vivies said. He also said Total would share its findings with other companies to avoid a repeat of this type of incident.
Monday, December 31, 2012 @ 11:12 AM gHale
There are mitigation details available for a vulnerability that impacts the i-GEN opLYNX Central software, which could lead to a partial leakage of information and access to system settings, according to a report on ICS-CERT.
The mitigations work through an authentication bypass vulnerability in i-GEN Solutions opLYNX Central application.
Independent researcher Anthony Cicalla, who found the remotely exploitable vulnerability, tested the new version to validate it resolves the vulnerability. This vulnerability impacts the energy sector, mainly in Canada.
All opLYNX versions from 2.01.8 and prior suffer from the issue.
Exploitation of this vulnerability could allow access to configuration settings and other information in the opLYNX Central application.
i-GEN Solutions Corp. is a Canada-based company that provides human-machine interface (HMI), supervisory control and data acquisition (SCADA), and plant historian software to oil and gas, pipelines, chemicals, utilities, and waste water management facilities around the world.
The affected product, opLYNX Central, is a Web-based application, which i-GEN Solutions said mainly sees deployment in the energy sector in Canada.
An attacker with a low skill would be able to exploit this vulnerability with publicly available tools.
i-GEN Solutions released a new version, opLYNX 2.01.9, that resolves this vulnerability. The new version ends up automatically applied upon login.
Monday, December 10, 2012 @ 02:12 PM gHale
The main goal behind the Shamoon attack against Saudi Aramco was to take down the production of oil and gas in Saudi Arabia, a high level executive with the oil giant said Sunday.
The cyber attack against the world’s largest oil company in August that damaged 30,000 computers, but was really supposed to stop oil and gas production, said Abdullah al-Saadan, Aramco’s vice president for corporate planning.
Thanks to a solid defense in depth program installed by the integration unit, the attack on Saudi Arabia’s national oil company Saudi Aramco — which supplies a tenth of the world’s oil — failed to disrupt production. The attack though was one of the most destructive hacker strikes against a single business. Shamoon also hit natural gas giant, RasGas of Qatar.
“The main target in this attack was to stop the flow of oil and gas to local and international markets and thank God they were not able to achieve their goals,” al-Saadan said on Al Ekhbariya television.
Hackers from a group called Cutting Sword of Justice claimed responsibility for the attack, saying their motives were political and the virus gave them access to documents from Aramco’s computers, which they threatened to release. No documents have yet published.
Aramco and the Saudi Interior Ministry are investigating the attack. A ministry spokesman, Maj. Gen. Mansour al-Turki, said the attackers were an organized group operating from countries on four continents.
The virus, Shamoon infected workstations on Aug. 15. The company shut its main internal network for more than a week. General Turki said the investigation had not shown any involvement by Aramco employees. He said he could not give more details because the investigation was not complete.
Shamoon spread through Aramco’s network and wiped computers’ hard drives clean. Aramco said damage was limited to office computers and did not affect systems software that might harm technical operations.
Two former senior CIA officials first alerted ISSSource the culprit in the attack was Iran working with personnel inside the Aramco’s computer center. They said the Saudi regime is investigating the attack and is arresting suspects like operating staff, janitors, office people, and cargo handlers.
CIA sources said attack was the work of a disgruntled Shiite insider (or insiders) that had full access to the system.
Richard Stiennon at IT-Harvest, a firm that tracks and reports on evolving cyber threats, told ISSSource 30,000 computers ended up scrambled and Iran was the perpetrator. He said Iranian-trained hackers launched the attack “in deep wrath” because of the mistreatment of the Shiites at the facility, and in Syria and Bahrain — two countries where the Saudi government has reportedly aided Sunni factions in their struggle with the Alawite-dominated regime and the Shiite majority, respectively.
The Aramco attack and the attack on RasGas, a major Qatar gas works, and other energy companies over the summer were in retaliation for the U.S.-Israeli developed Stuxnet virus that infected thousands of Iran’s nuclear program centrifuges, and as payback for the severe U.S.-imposed sanctions that have sent the Iranian economy into a tailspin, the CIA sources said.
This story was complied from a series of reports on ISSSource and Reuters.
Tuesday, October 30, 2012 @ 10:10 AM gHale
Germany just overtook the U.S. when it comes to email users getting the most malicious email messages.
Germany topped the chart with 13.87% of malicious mail directed at its users, followed by Spain (7.43%), Russia (6.85%), India (6.39%), Vietnam (5.95%), Australia (5.94%), China (5.80%) and the U.S (5.62%), according to a report on September’s spam by Kaspersky. The U.S. had led the chart for the previous eight months.
Kaspersky said 3.4% of all emails contained malicious files, a drop of 0.5 percent compared to the previous month. Germany saw a six percent point rise in its detections and Spain saw a four percent rise, while United Kingdom’s share dropped two percent to 4.67%.
It was also a month for drastic changes in the top ten malware detected by Kaspersky. Long-term leader “Trojan-Spy.HTML.Fraud.gen” fell out of the top ten completely, giving its top spot to “Backdoor.Win32.Androm.kv” (aka Backdoor.Trojan and PWS-Zbot.gen.ana), a backdoor Trojan which enables remote access, found in 6.32% of the malicious emails. Right behind was “Email-Worm.Win32.Bagle.gt”, an email address harvester and malicious program downloader, and then the “Email-Worm.Mydoom.m” and “Mydoom.l” email address harvesters. Also in the top ten were four ransomware Trojans.
Of the spam that didn’t have malicious programs attached, Kaspersky noted a rise in mails with an oil and gas theme, such as bogus lottery mails apparently from Russian energy companies Gazprom and Lukoil.
They also noted an increase in spam pointing users at infected coupon sites with good imitations of legitimate Groupon mailings, the appearance of Michelle Obama’s name in lottery email which claims to come from the “World Wide Web Owner” and mass English-language mailings of the controversial film “The Innocence of Muslims” which lacked the expected malicious attachments or dangerous links.
Overall, spam levels grew by 2.3 percent points from August to reach 72.5% of all email traffic, and phishing mails tripled, to reach 0.03%.
Wednesday, August 8, 2012 @ 04:08 PM gHale
During the past decade, oil refineries in Wyoming have leaked, sprayed silica catalyst and billowed poisonous orange clouds over neighborhoods.
In addition, there have been fires, which have injured at least seven Wyoming workers.
That all has to change.
That is why this past Tuesday, representatives from all five of Wyoming’s refining companies went to Casper to meet with Gov. Matt Mead, his staff and officials from Wyoming Occupational Safety and Health Administration (OSHA), with a plan to form an industry alliance to improve workplace safety at the state’s refineries.
In keeping with Wyoming’s approach to safety and the oil and gas, mining and construction industries, the refining industry alliance would be a voluntary effort bolstered by support from the state that would identify safety challenges, set best practices, work with Wyoming OSHA in a consultation capacity rather than rely on tougher corrective and punitive actions.
“It will be your organization. … All I’m saying is we are here to offer any help, whether its data we can share or whatever. We’re not here to tell you what to do,” said former judge Gary Hartman, policy advisor to Gov. Mead.
This voluntary approach was the genesis of the Wyoming Oil and Gas Industry Safety Alliance (WOGISA).
“I found your investigators were really professional and their focus was to help us, and not just there for a gotcha (investigation). … So we’re really interested in a partnership with OSHA,” Silver Eagle Refining Inc.’s general manager Jerry Lockie told one OSHA official Tuesday.
Lockie added after dealing with some serious issues at the refinery, management is committed to “completely revamp” the culture of safety at the refinery.
“I’m encouraged that they are eager to get on board with this,” Mead said.
Even before any real collaboration began, the group of refining officials identified two main safety challenges; power outages are too frequent, and Wyoming OSHA is lacking in consultation personnel specializing in “process safety management.”
“If there’s anything we can do to help you (Mead’s staff) to get more (process safety management resources), we’ll help,” one refinery official promised.
Just this past weekend the refinery at Sinclair reported two accidents, including one that sent one worker to the hospital.