The following facilities represent some the most important oil and petroleum infrastructure in the United States. The vulnerability of these systems depends on several factors, including location, capacity and redundancy.
Port of Houston
Newington, Va., Storage Facility
Louisiana Offshore Oil Port
Port of Miami
Major U.S. Refineries
From Port (to Pipeline) to Pump: How Safe is U.S. Oil?
Nearly eight years ago, the U.S. government identified 15 scenarios in which hypothetical incidents were capable of threatening the nation’s economy and power supply.
One of those scenarios was the possibility of a large hurricane hitting a major metropolitan area such as New York City and causing catastrophic damage including knocking out power to millions, said homeland security expert David McIntyre.
“Although the threat was laid out at the federal level, state and local leaders did nothing to prepare for it,” he said.
The hypothetical became real on October 29 when Hurricane Sandy slammed into New York and New Jersey, idling nearly 70 percent of the East Coast’s oil refining capability, flooding entire neighborhoods and causing more than 100 deaths.
In a December hearing before the Senate Committee on Commerce, Science and Transportation, Patrick Foye, executive director of The Port Authority of New York and New Jersey, testified that the storm will likely cost the region tens of billions of dollars in damages.
Many experts say they believe future storms could be even more damaging. “That’s my concern for petroleum critical infrastructure,” said McIntyre, a former director of the Integrative Center for Homeland Security at Texas A&M. “What low probability but high consequence events are out there, and have we been properly preparing for them?”
Deciding which events to spend money planning for requires setting priorities, and the U.S. government hasn’t done a great job of that, said Todd Keil, former undersecretary of the Department of Homeland Security’s Office of Infrastructure Protection. “Identifying the risk and where you put your resources is the biggest challenge.”
The Department of Homeland Security has a classified list of facilities it has identified as “national critical infrastructure” based on two criteria – economic impact and potential fatalities, Keil said. The energy sector is among the 18 sectors reviewed. “If I had to pinpoint something I’d look to refineries,” said Adm. James Loy, former deputy secretary of the Department of Homeland Security. Refineries convert crude oil into usable petroleum products such as gasoline and jet fuel.
Although the list is classified, some experts have suggested what types of high-priority infrastructure may be considered for it.
Pipelines play a critical role as well, and may be harder to secure and protect, said Paul Rosenzweig, former deputy assistant secretary for policy in the Department of Homeland Security. “If you have an oil refinery, you can put up fences, hire guards and do a pretty decent job of getting yourself together on that,” Rosenzweig said. “If you have a 2,000-mile pipeline from Canada to Texas, you simply cannot protect the entire pipeline.”
The Colonial Pipeline, for example, spans more than 5,000 miles from Houston, Texas to Linden, N.J., and delivers more than 2 million barrels per day of gasoline, diesel fuel and home heating oil from the Gulf Coast to the Northeast. The Colonial Pipeline also delivers jet fuel to major airports, including Atlanta International, Dulles International and Reagan National Airport in Washington.
Energy experts say natural disasters pose the greatest risk to energy infrastructure, in large part because most of the nation’s critical petroleum infrastructure is concentrated in and around the Gulf of Mexico.
“The real greatest vulnerability is the rather unsexy natural disaster and accident stream,” Rosenzweig said. “That probably outweighs the terrorist threat, either through physical attack or cyber, by a significant degree.”
Houston alone contains many major refineries that together account for approximately 30 percent of the nation’s refining capacity, Rep. Michael McCaul, R-Texas, said in a 2011 House Homeland Security Committee hearing. Houston’s 25-mile ship channel and surrounding area receives almost 25 percent of all U.S. oil imports.
“If catastrophe struck the port, there is little spare capacity to import and refine crude oil anywhere else in the country,” McCaul said in the statement prepared for the hearing.
Elsewhere in the Gulf of Mexico, hurricanes pose a threat to such critical facilities as the Louisiana Offshore Oil Port, a terminal approximately 18 miles south of the Louisiana Coast. The LOOP is the single largest point of entry for oil tankers carrying crude oil to the United States, and it is the only platform in the nation capable of accommodating oil supertankers.
“The Houston Ship Channel is significant. The Colonial Pipeline is significant. The LOOP is significant,” Keil said. “There would be a significant impact should something happen to any of those.” The impact could range from short-term supply disruptions and price spikes to longer term shortages, depending on the severity of the incident.
When Hurricane Katrina hit the Gulf in 2005, it caused a 95 percent reduction in daily Gulf oil production, according to the U.S. Energy Information Administration. The storm closed refineries, disrupted crude oil and petroleum imports and caused oil prices to skyrocket. And experts say it may get worse before it gets better.
“Most if not all of the predictions are for more storms and for more severe storms,” Loy said. “It is a quite serious matter for both the industry and the people who respond to such events.”
National security experts cite cyber safety as another significant – and rapidly growing – concern with respect to the energy sector. “Unfortunately, most of our infrastructure today is in one way or another connected to the Internet,” said Gal Luft, co-director of the Institute for the Analysis of Global Security, a Washington-based think tank. “Once you have access to the Internet, you basically are open to everything that the Internet brings.”
Thomas Cellucci, a former commercialization officer who managed public-private partnerships at the Department of Homeland Security, also emphasized the growing cyber threat. “That’s the biggie,” Cellucci said. “Cyber attacks are really something that ‘govvies’ worry about, and they should.”
Increasingly, refineries and pipelines run on computer-controlled systems called supervisory control and data acquisition – or SCADA – systems. Designed to increase efficiency, the systems also create vulnerabilities.
“The attacks that are most likely to cause real civilian harm are attacks on the industrial control systems,” said Stewart Baker, former assistant secretary for policy at the Department of Homeland Security. “Not the Windows networks, but the industrial systems that are built on software increasingly and that make pipelines work, refineries work.”
Targeting industrial systems is on the rise. In July 2012, a security company discovered the Stuxnet virus. Many speculate that the sophisticated virus was state-sponsored—either by the United States, Israel or both—and designed to infiltrate and undermine Iran’s uranium enrichment facility.
One month later, state-owned Saudi Arabian Oil Co., better known as Saudi Aramco, reported that a virus called Shamoon infiltrated the company’s computers. “More than 30,000 computers that it infected were rendered useless and had to be replaced,” said Secretary of Defense Leon Panetta in an October 2012 speech. “It virtually destroyed 30,000 computers.”
There is no evidence that the U.S. has encountered such an attack on domestic oil infrastructure, Baker said, but the likelihood increases as the tools required to execute an attack get easier to use. “My biggest worry about this is that every year, the kind of damage that can be done by a handful of people grows.”
Baker said he’s also concerned there isn’t enough preparation for mitigating these threats. A lot of the attention has focused on making systems harder to hack, he said, which is really about putting up defenses, and not about what happens if those defenses fail.
The energy sector, along with the transportation and banking and finance sectors, is one of the most likely to be targeted by terrorists, Keil said. “These three things together I think are very, very primary targets – from an operational perspective and from an ideological perspective.”
In 2006, a group of al-Qaida terrorists launched a well-planned, but unsuccessful attack against the Abqaiq processing facility, one of Saudi Arabia’s most crucial oil facilities. Two days after the attack, according to a report released by the Jamestown Foundation, al-Qaida affiliated cleric Sheikh Abd-al-Aziz bin Rashid al-Anzi published the terrorist group’s religious justification for attacking oil infrastructure called “The Religious Rule on Targeting Oil Interests.” In it, he wrote: “Targeting oil interests is lawful economic Jihad. Economic Jihad in this era is the best method to hurt the infidels.”
Former al-Qaida leader Osama bin Laden also urged his followers to attack the oil industry as a way of striking at the center of gravity of the U.S. and its allies.
Keil said the terrorist threat to energy infrastructure is particularly worrisome when it comes to cyber. “What we were seeing is that [the terrorists] up to this point were using the cyber arena more as a tool rather than a weapon,” Keil said. “But that’s just around the corner. I think we’re probably on the cliff of the established terrorist groups using cyber as a weapon.”
But identifying and prioritizing cyber threats and other infrastructure risks does not mean the U.S. is prepared to deal with such risks, Keil said.
“There was a lot of assessment and risk identification work being done,” he said, “but there were no metrics to determine if actual steps were being taken … we had no idea if anything was being done or not.”
The Department of Homeland Security started developing a way to assess progress a few years ago, Keil said. Current Department of Homeland Security officials declined to comment.
But homeland security veteran McIntyre said it’s still unclear how the federal government prepares for threats, a reality he said is particularly troubling when considering low-likelihood, high-impact scenarios.
To McIntyre, that means an incident on par with shutting down refineries, simultaneously attacking three different parts of a major pipeline, or preventing heating fuel from reaching parts of the Northeast U.S. for a prolonged period of time.
“But unless somebody has some sort of public oversight, we don’t know if that’s been considered,” McIntyre said. “That’s why I think the legislative branch needs to be sure they’re providing oversight on critical infrastructure issues.”