A worm in the works

Could disasters loom as more and more pipeline operators switch to Windows NT?

A worm in the works

On June 10, 1999, the Olympic Pipe Line Company’s main fuel line ruptured in Bellingham, turning picturesque Whatcom Creek into a blazing torrent of gasoline and killing three people. On the same day Worm.Explore.zip, a particularly nasty software worm disseminated as an attachment through Microsoft API-compliant e-mail programs, ran rampant through various large corporate networks (including Microsoft’s), deleting a random assortment of Microsoft Word, Excel, PowerPoint, and other files.

No one noted the coincidence of the two events at the time. But could it be more than coincidence? Might a computer virus or worm like Worm.Explore.zip threaten pipeline control systems like Olympic’s?

The answer appears to be no in the case of the Olympic accident, but yes or maybe in the case of a growing number of other pipelines around the world.

The potential targets in question are the computerized SCADA (supervisory control and data acquisition) systems that monitor the complex balance of flow, pressure, temperature, and other conditions inside the lines. Olympic’s SCADA system crashed one hour before the Bellingham accident, and a back-up computer also crashed, allowing pressure to build in the pipe. One month later the US Office of Pipeline Safety issued a warning to pipeline operators nationwide, advising them to make sure their control systems wouldn’t suffer similar malfunctions. It reported that an internal “database error . . . hampered controller operations” on the Olympic line. Together with the SCADA processor’s “inadequate reserve capacity” and the chaotic situation, this “may have been prevented the pipeline controllers” from reacting quickly enough.

Following this failure, says Olympic Pipe Line spokesman Pierce Edwards, “we completed an analysis of the SCADA system. As a result, the system parameters have been modified and the system upgraded, including a 750 percent increase in [data] processing capacity.” Officials at Olympic, the US Office of Pipeline Safety, and the National Transportation Safety Board otherwise decline to discuss details of the accident, pending release of an NTSB report that’s taking longer than expected. (The investigation has been complicated by Olympic employees’ refusing to provide information on grounds of self-incrimination.) NTSB spokesman Keith Holloway did confirm last fall that “the computer virus [sic] is one [potential factor] we’re looking into.”

But not one that’s likely to pan out. That’s because, according to Olympic IT manager Dan Swathman, the pipeline’s SCADA system does not run on Windows, which might have made it vulnerable to the e-mail-borne Worm.Explore.zip: “Our current SCADA system is on VMS, from Digital Equipment [now Compaq], running on an Alpha Chip. GMI makes the system. A couple computers are dedicated to it.” And, Swathman adds, these computers are not connected to the Windows-based e-mail and office systems through which the worm could have gotten in.

That’s reassuring—but the broader picture may not be. Across this country, and as far away as China, pipeline systems are switching from VMS and Unix systems to versatile, ubiquitous, user-friendly Windows NT. “The scada market has been moving towards Windows NT as the dominant operating system,” Oil & Gas Journal reported (3/24/97). “The use of NT for the console platform has many advantages, including the ability to display scada screens on the same console as many common business applications which have been developed for the Windows environment. . . . The archival of data in a relational form allows access by other applications outside the scada system. In this way, scada vendors are meeting the requirements of pipeline companies to use scada data in business applications outside the traditional gas-control environment.” In other words, Windows NT lets operators integrate their SCADA and business applications, such as . . . the e-mail through which viruses and worms typically spread.

Representatives of the famously underfunded and ineffective Office of Pipeline Safety say they don’t see a problem here nor do they meddle in companies’ choices of operating systems. “We want them to use the best operating system for their pipeline,” says one. And Microsoft representatives had no comment on the use of Windows NT in control systems and possible security concerns or precautions.

But Matt Saunders, a local expert on Windows NT vulnerability, was less sanguine when informed of such use. “One would hope that their command and control policies dictate that control machines should be isolated from other hosts,” he notes, “But this is rarely the case for most organizations, because it’s simply easier to get work done and ignore the risks.

“It terrifies me that a control system of this nature is being run on NT. It’s simply insane.”

Talk to us

Please share your story tips by emailing editor@seattleweekly.com.

More in News & Comment

King County weather: Dec. 3-5

Here is your King County area weather forecast for Dec. 3-5, 2021.… Continue reading

Former UW Medicine peer support specialist James Encinas sitting in his home. Photo by Cameron Sheppard/Sound Publishing
Former Harborview social worker was victim of racial discrimination and retaliation

James Encinas worked for behavioral health program that aimed to house the chronically homeless.

Keith Wagoner
Senator becomes first GOP candidate for secretary of state

Sen. Keith Wagoner will challenge Democrat Steve Hobbs, who was appointed to the statewide post in November

Snoqualmie Falls and the Salish Lodge & Spa. File photo
Snoqualmie Tribe concerned with unregulated air traffic at Snoqualmie Falls

Tribe urges federal regulators to introduce flight restrictions over sacred site.

The Federal Way Performing Arts and Event Center is located at 31510 Pete von Reichbauer Way S. Olivia Sullivan/the Mirror
FEMA to send mobile COVID-19 vaccination unit to Western Washington

The mobile site is set to open Dec. 20 in Federal Way; additional locations to come.

Courtesy of the Centers for Disease Control and Prevention
Washington health officials discuss response to new COVID variant

Things will be handled with Omicron variant similar to the Delta variant.

File photo
As new COVID-19 variant looms, vaccination disparities linger in King County

County data shows gaps among age, geography and race.

King County Councilmember Reagan Dunn
King County Councilmember Dunn will challenge Rep. Kim Schrier for U.S. Congress seat

The current County Councilmember would be following in his late mother’s footsteps

Garbage at the Cedar Hills Regional Landfill in Maple Valley. FILE PHOTO
King County and Port of Seattle to collaborate on waste-to-fuel study

The study is aimed at identifying logistics of developing aviation fuel out of municipal garbage.

Most Read