Hot Tapping, Protests, and Attacks: Protecting Pipelines from Physical Phenomena
Humans are equipped with five primary senses: hearing, sight, sound, taste, and touch. These senses have evolved to help us enjoy activities, adapt to different environments, and protect ourselves from threats. When it comes to securing critical infrastructure, however, these senses can only provide limited information or protection. And with natural gas pipelines, the threats have evolved.
“It depends on what part of the world you’re in,” says Dane Langen, PSP, who works as the global segment lead for security for Luna Innovations—a company that manufactures sensory fiberoptic equipment that can help observe widespread or remote infrastructure.
In the United States, when pipeline security personnel come across physical damage to a line or other gas infrastructure, it is largely accidental or environmental, although there is the occasional instance of equipment theft or intentional damage.
With roughly 2.5 million miles of natural gas pipeline coursing throughout the United States, gas infrastructure delivered about 27.7 trillion cubic feet of dry gas in 2021, according to the U.S. Energy Information Administration (EIA). And when it comes to damage along the line, more often than not, the cause of such damage is attributed to some form of equipment failure or defective materials. In 2021, this source category accounted for 43.6 percent of the total damage seen on U.S. gas transmission lines, according to data from the U.S. Department of Transportation (DOT) Pipeline and Hazardous Materials Safety Administration (PHMSA). Corrosion as a source of damage was 16.4 percent, damage during excavation operations was 12.7 percent, incorrect operation was 10.9 percent, natural phenomena (such as lightning) was 9.1 percent, and all other reasons (including outside forces or incidents where the cause was unknown) was 7.2 percent.
That 7.2 percent would include instances of malicious physical attacks, which can be carried out by any number of actors—from domestic extremists to protesters and more.
“A lot of that has shifted to much more of the environmental NGOs and the activists,” says Don Greenwood, manager of corporate security for TC Energy, a major North American energy infrastructure company. “That’s probably our greatest risk, and it’s our greatest risk to our projects and the ability for the industry, as well as TC Energy, to be able to develop more pipelines and larger pipelines.”
While some environmental activists settle for protesting in front of government buildings or company facilities, Greenwood is more concerned about the ones who opt for violence.
Greenwood says that he is seeing violence occur in a current TC Energy project—the Coastal Gas Link line that runs across British Columbia in Canada. “We’ve had literally violent attacks. We’ve had people coming onto our property with axes and destroying millions and millions of dollars of equipment, attacking people in their vehicles, damaging things,” Greenwood adds.
One notable past example was over the Dakota Access Pipeline project. In 2016, a demonstration against the pipeline resulted in protesters pitted against private security guards for Energy Transfer Partners (ETP), the company building a pipeline with a route that would deliver gas through four states and close to a Standing Rock Sioux Tribe reservation.
Although the Dakota Access Pipeline was completed and is currently operational, the violent clashes resulted in significant bad press for ETP. Protests against pipeline projects have also garnered sympathy and support from other stakeholders, such as landowners and communities already frustrated with a pipeline proposal. Those alliances present a risk to established and proposed lines.
Beyond North America, the tactics and motives of malicious attackers are different. “You have many demographics and cultural differences,” says Langen. “Depending on whether you’re in Africa or Europe, people with political differences, people with environmental concerns, people who are just wanting to steal the medium—they’ll actually hot tap into the pipeline and pull the medium out and extract it.”
Hot tapping is where a new pipeline connection is made on an existing line while it remains in service with the pressurized gas continuing to flow, enabling the malicious actor to steal the product, according to the U.S. Environmental Protection Agency (EPA). While the method is used for legitimate reasons by authorized personnel, it has also been applied by unauthorized persons.
The thieves typically heavily surveil and investigate target infrastructure to understand where the weak points in system security are and then exploit those weaknesses to make a profit.
When an incident—whether accidental or intentional—does disrupt service along a line, Greenwood notes that at least in Canada and the United States there is enough redundancy and open communication that business continuity for end users is not too significantly impacted.
“One pipeline being attacked or exploding or going down isn’t going to shut down the system from being able to deliver gas,” Greenwood says. “Our first thing is to find out what happened, but then it’s to do whatever we can to get that system back online. …If we have to just throw some pipe on the ground and bypass that station in order to get gas or liquid moving, we can do that pretty rapidly.”
And when it comes to heavily geographically dispersed infrastructure, managing security and protection of those assets can seem overwhelming, Langen adds. “How do you manage that? How do you monitor it?” he says. For most security managers he interacts with, their options are limited to the resources available to them, prioritizing the most vulnerable sites. “They can only do so much,” Langen says.
Regarding countermeasures, Greenwood points to leveraging industry knowledge from a professional network along with intelligence analysts to keep a pulse on trends and information gathering. “For the physical security side, we manage those risks by understanding where are our greatest risks,” he notes.
Greenwood adds that analysis of open-source sites and documents related to organizations they know might forcibly oppose a pipeline project or organization is helpful, too.
“We are constantly looking to see where things are going, what are we hearing, where are the latest and greatest incidents or events that might happen. We’re using that intelligence then to determine where we need to deploy our resources,” Greenwood says.
Echoing Langen, Greenwood notes that TC Energy places its highest level of security at the sites and facilities deemed critical, “whether that’s using cameras, access control video, larger fencing,” or any other physical security solutions that can protect assets.
Along with physical access components, sensors along the line can assist security teams track authorized activity and remain alert to potentially malicious actors approaching infrastructure, according to Langen.
“What technology does is if you can get closer from an event or alarm to a response, you can shorten the time between ‘this is the bad stuff that happened’ and ‘this is how we’re going to mitigate it,’” Langen says.
That advanced knowledge, even if it comes in minutes ahead of an attack, gives security teams time to evaluate the risk and determine if they need to coordinate a response with local law enforcement or if it can be handled internally.
“Align the response appropriately, but the shorter you can get that time between the damage and the alarm to the response, that’s what the security managers are chasing. That’s the gold standard,” Langen adds.
Along with intelligence analysis, other parts of a robust physical security system are nonphysical.
“I think we can do a better job of explaining what we do and why we do it and the importance of the energy that we are moving,” Greenwood says. “We are trying to be climate conscious, but our industry is important, and we can do a better job of expressing what we do to protect and make it safe.”
On top of clearer messaging and transparency, Greenwood notes that talking with other companies about threats and collaborating on awareness, even between companies that operate as competitors, is more the norm for pipeline security teams. “The sharing between the companies has gotten a lot better. Before we were all in our own little silos and really were worries about just ourselves. I think now we all talk more.”
Sara Mosqueda is associate editor for Security Management. Connect with her on LinkedIn.