Separation unit
Critical events
Event description
Tube’s gas processing plant was hit by a cyberattack, which caused a serious equipment malfunction. The investigation revealed that the attackers had gained access to the plant’s industrial control system (ICS) and disrupted the operation of the separator, which plays a key role in gas production.
The purpose of the separator is to separate and remove fluid components (water, gas condensate, and liquid impurities) from the natural gas stream, so that the gas can be transported for further processing. The hackers changed the settings of the separator control valves, distorting the liquid-level monitoring data. As a result, some liquid accumulated and entered the compressor together with the gas flow, contaminating its working parts, such as blades and rotors. The plant had to stop the compressor for cleaning. It took several days to mitigate the consequences of the attack.
Drue to the incident, Tube has failed to meet the contractual deadlines for gas delivery, with preliminary damages estimated in millions of dollars. The investigation is ongoing, but so far, the identity of the attackers and their motives remain unknown.
Consequences
1. Damage to company property
2. Enterprise disruptions and downtime
3. Financial damage
This has happened before
The Record
Russian hacktivist threat on Canada’s pipelines is "call to action," top cyber official says
A cybersecurity incident affecting a Canadian gas pipeline was revealed in a trove of leaked U.S. intelligence materials that included an apparently intercepted conversation between a hacking group known as Zarya and an officer at Russia’s Federal Security Service (FSB). According to the document, marked Top Secret, during this conversation the hackers claimed they could "increase valve pressure, disable alarms, and initiate an emergency shutdown of an unspecified gas distribution station" located in Canada.
Tube’s gas processing plant was hit by a cyberattack, which caused a serious equipment malfunction. The investigation revealed that the attackers had gained access to the plant’s industrial control system (ICS) and disrupted the operation of the separator, which plays a key role in gas production.
The purpose of the separator is to separate and remove fluid components (water, gas condensate, and liquid impurities) from the natural gas stream, so that the gas can be transported for further processing. The hackers changed the settings of the separator control valves, distorting the liquid-level monitoring data. As a result, some liquid accumulated and entered the compressor together with the gas flow, contaminating its working parts, such as blades and rotors. The plant had to stop the compressor for cleaning. It took several days to mitigate the consequences of the attack.
Drue to the incident, Tube has failed to meet the contractual deadlines for gas delivery, with preliminary damages estimated in millions of dollars. The investigation is ongoing, but so far, the identity of the attackers and their motives remain unknown.
Consequences
1. Damage to company property
2. Enterprise disruptions and downtime
3. Financial damage
This has happened before
The Record
Russian hacktivist threat on Canada’s pipelines is "call to action," top cyber official says
A cybersecurity incident affecting a Canadian gas pipeline was revealed in a trove of leaked U.S. intelligence materials that included an apparently intercepted conversation between a hacking group known as Zarya and an officer at Russia’s Federal Security Service (FSB). According to the document, marked Top Secret, during this conversation the hackers claimed they could "increase valve pressure, disable alarms, and initiate an emergency shutdown of an unspecified gas distribution station" located in Canada.
If you have any questions about participation or the battle itself,
please contact us at
hello@standoff365.com
please contact us at
hello@standoff365.com
Copyright © 2025 Standoff 365. All rights reserved.
EN
