Nearly 60 people from energy companies and federal agencies attended the meeting, which included a classified security briefing and panel discussion that focused on protecting pipelines, power lines, refineries and other facilities from espionage, hackers and overseas-led cyber attacks.
The meeting was a follow up to an April 2018 cyber attack directed against several natural gas pipelines in the United States. Culprits were never publicly named and no arrests were made but the FBI and several federal agencies have been working to prevent it from happening again.
Deron Ogletree, assistant special assistant in charge of the FBI's Houston field office, said part of those prevention efforts involve sharing intelligence and classified information with companies. The agency, he said, is concerned about cyber attacks led by a "laundry list of actors" that includes hacktivists, environmentalists and hostile foreign governments.
"We don't tell these companies how to do business," Ogletree said. "We simply provide them with information that we hope they use to calculate risk."
China, North Korea and Iran have emerged as state sponsors of cyber attacks on the United States but a March 2018 alert from the Department of Homeland Security and the FBI warned about Russia launching an "intrusion campaign" using malware, phishing emails and other hacking techniques on multiple targets in the energy sector. Three years earlier, Russian hackers used cyber attacks to knock out the power grid in Ukraine in late 2015.
William Evanina, director of the National Counterintelligence and Security Center, the Houston Chronicle that the United States and its energy sector remain "extremely vulnerable" to cyber attacks.
"Nowhere else in my life, have I seen a more critical time and place for a robust, continuous and vibrant public-partnership than I do with the energy sector," Evanina said.
Attendees to the Wednesday afternoon security briefing were kept confidential but the issue is cybersecurity is top of mind for industry executives.
Bhushan Ivaturi, senior vice president and chief information officer for the pipeline operator Enbridge, did not attend the FBI's meeting but said he and other company executives have testified about cybersecurity at meetings in the White House and elsewhere in Washington D.C. Delivering natural gas to power plants and homes, the company's pipelines considered as "critical energy infrastructure."
Not sitting idle, Ivaturi said Enbridge brings in third-party cybersecurity experts to test vulnerabilities in the company's computer systems. The company also tests employees for their vulnerability to phishing.
"It's not just about our lab solving those problems," Ivaturi said. "We're creating a culture of cybersecruity across the company. It's about getting every employee to be vigilant by training them appropriately."
©2019 the Houston Chronicle. Distributed by Tribune Content Agency, LLC.
