Commercial metering node
Critical events
Event description
A commercial metering node at Tube’s major gas compressor station was targeted by a cyberattack, which went unnoticed for several weeks.
Hackers infiltrated the control system and changed the flowmeter conversion rate (a flowmeter is a device that measures the volume of gas condensate entering the pipeline for custody transfer). The hackers acted subtly: they increased the condensate volume readings by about 8−10%. The changes were so minor that they didn’t raise any suspicion among the operators, and the monitoring systems detected no deviations.
Distorted data was being fed into the commercial metering unit for three weeks. As a result, the volume of condensate transferred by Tube to its major foreign customers was much less than the volume reported by the company, with an undersupply of hundreds of thousands of cubic meters. The customers, relying on their own measurements at the receiving terminals, found a discrepancy between the amount paid for and the actual amount delivered. Tube’s total losses are now estimated at tens of millions, including fines for contract violations.
After receiving complaints from its customers, Tube conducted an audit and found signs of tampering. The incident has caused both financial and reputational damage to the company: trust in Tube as a reliable provider has been shaken, leading several key partners to reconsider the terms of cooperation. The company believes competitors may be involved, looking to undermine Tube’s position.
Consequences
1. Financial damage
2. Litigation
3. Loss of clients
4. Reputational damage
5. System failures
This has happened before
The Record
Russian hacktivist threat on Canada's pipelines is "call to action," top cyber official says
A cybersecurity incident affecting a Canadian gas pipeline was revealed in a trove of leaked U.S. intelligence materials that included an apparently intercepted conversation between a hacking group known as Zarya and an officer at Russia's Federal Security Service (FSB). According to the document, marked Top Secret, during this conversation the hackers claimed they could "increase valve pressure, disable alarms, and initiate an emergency shutdown of an unspecified gas distribution station" located in Canada.
A commercial metering node at Tube’s major gas compressor station was targeted by a cyberattack, which went unnoticed for several weeks.
Hackers infiltrated the control system and changed the flowmeter conversion rate (a flowmeter is a device that measures the volume of gas condensate entering the pipeline for custody transfer). The hackers acted subtly: they increased the condensate volume readings by about 8−10%. The changes were so minor that they didn’t raise any suspicion among the operators, and the monitoring systems detected no deviations.
Distorted data was being fed into the commercial metering unit for three weeks. As a result, the volume of condensate transferred by Tube to its major foreign customers was much less than the volume reported by the company, with an undersupply of hundreds of thousands of cubic meters. The customers, relying on their own measurements at the receiving terminals, found a discrepancy between the amount paid for and the actual amount delivered. Tube’s total losses are now estimated at tens of millions, including fines for contract violations.
After receiving complaints from its customers, Tube conducted an audit and found signs of tampering. The incident has caused both financial and reputational damage to the company: trust in Tube as a reliable provider has been shaken, leading several key partners to reconsider the terms of cooperation. The company believes competitors may be involved, looking to undermine Tube’s position.
Consequences
1. Financial damage
2. Litigation
3. Loss of clients
4. Reputational damage
5. System failures
This has happened before
The Record
Russian hacktivist threat on Canada's pipelines is "call to action," top cyber official says
A cybersecurity incident affecting a Canadian gas pipeline was revealed in a trove of leaked U.S. intelligence materials that included an apparently intercepted conversation between a hacking group known as Zarya and an officer at Russia's Federal Security Service (FSB). According to the document, marked Top Secret, during this conversation the hackers claimed they could "increase valve pressure, disable alarms, and initiate an emergency shutdown of an unspecified gas distribution station" located in Canada.
If you have any questions about participation or the battle itself,
please contact us at
hello@standoff365.com
please contact us at
hello@standoff365.com
Copyright © 2025 Standoff 365. All rights reserved.
EN
