For an industry increasingly reliant on gadgets such as digital sensors, infrared cameras and drones to monitor security and check for leaks, the sabotage illustrated how vulnerable pipelines are to low-tech attacks.
On Tuesday, climate activists broke through fences and cut locks and chains simultaneously in several states and simply turned the pipelines off.
All they had to do was twist shut giant valves on five cross-border pipelines that together can send 2.8 million barrels a day of crude to the United States from Canada – equal to about 15 per cent of daily U.S. consumption.
The activists did no damage to the pipelines, which operating companies shut down as a precaution for checks before restarting.
The United States is the world’s largest energy market, and the infrastructure to drill, refine, store and deliver that energy to consumers is connected by millions of miles of pipeline that are impossible to protect entirely from attack.
“You’re not manning these things on a permanent basis. It’s not viable,” said Stewart Dewar, a project manager at Senstar, an Ottawa-based company that authored a 2012 white paper on pipeline security.
“It’s too expensive.”
There are more than 200,000 miles (322,000 km) of oil lines and many times that of natural gas lines across the United States. Thousands of rural and often remote pumping and valve stations dot the country.
The cost of posting armed guards at valve stations, usually found every 20 miles along the underground pipelines, would be prohibitive, said Dewar.
For companies, there are few options to police the parts of their pipeline networks that sit above ground, such as the valve stations.
The stations are usually protected by nothing more than the same flimsy chain link fence and padlocks elementary schools use to protect their playgrounds.
But until Tuesday, environmental activists had never carried out a simultaneous, coordinated attack of this magnitude.
Tuesday’s action, supported by the Vermont-based Climate Disobedience Action Fund, was held to draw attention to climate change and to support opponents of the proposed Dakota Access Pipeline, which critics say could rupture and sour drinking water for the Standing Rock Sioux Tribe in North Dakota.
Several pipeline operators and safety experts said shutting off valves was extremely dangerous and that activists underestimated the risks.
Pipelines can be heavily pressurized depending on length and altitude variation, and shutting off a valve could cause ruptures that are “catastrophic” for the environment, Paul Tullis of Tullis Engineering Consultants said.
“It’s like a freight train,” he said of the momentum with which the oil moves. “If these people are hydraulic engineers, they might be able to do this safely.”
Activists often do not fully know what they are doing, even if they think they do, Tullis said.
Protesters said they spent months studying how to safely shut the valves. The ability for them to access the proprietary information necessary to shut a line safely was questioned by experts.
Either way, pipeline specialists said it was lucky there were no leaks on Tuesday. Once the valves are shut, pressure can quickly build up inside pipelines that operate under as much as 1,000 pounds (450 kg) per square inch.
Protesters were taking a chance that a weak spot in a line would not explode, and that employees in operations hubs would spring into action after hearing alarms.
“On the wrong pipeline, in the wrong place (actions like this) could kill people. This is hazardous hot liquid. It’s not something to be terrified of, but it must be respected,” said Richard Kuprewicz, president of Accufacts Inc, a pipeline advisory firm.
Security ramp-up after 9/11
They did not immediately respond to questions about their broader security precautions, though some of them emphasized having multiple safety systems in place.
The general vulnerability of U.S. infrastructure – from bridges to power plants and ports – became more apparent after the attacks of Sept. 11, 2001.
Since then, the U.S. Transportation Security Administration, part of the Department of Homeland Security (DHS), has asked pipeline companies to carry out a “security vulnerability assessment” for their assets and to conduct risk assessments that include the “likelihood of a success of an attack,” and to take steps to mitigate those risks.
A review published by the DHS in 2015 identified physical and cyber security as a risk to energy infrastructure systems, including the threat of multiple, coordinated attacks and electromagnetic pulse events, but focused primarily on threats to the electrical grid.
Security experts said they have tried to strike a balance between protecting facilities, ensuring freedom of movement and keeping costs in check.
The Association of Oil Pipe Lines, an industry group, said it recognized disagreements exist about energy policy, but that the protest went too far.
Previous valve closures have caused spills, including one of nearly 4,000 barrels of oil, the group said.
“We don’t want anyone to get hurt or cause a release into the environment,” said Andrew Black, the group’s president.
Reporting by Liz Hampton in Houston and Ethan Lou in New York; Additional reporting by Devika Krishna Kumar and Jessica Resnick-Ault; Writing by Terry Wade; Editing by Simon Webb and Bill Rigby