Soviet pipeline explosion

The cyberattack we have chosen to showcase in The Sentryo Files today was most likely carried out by the CIA to stop the KGB from stealing technology in the early 1980s.

The CIA steals software and causes a Soviet pipeline to explode

Cyberattacks on industrial control systems are not unique to the modern day: in 1982, a Trojan horse embedded in the operating systems of gas supply infrastructure most likely caused a Soviet pipeline explosion.

Soviet pipeline explosion: a cyberattack worthy of a spy blockbuster

And the tables are turned… At the end of the Cold War, “Farewell”, a Russian agent working for the technical intelligence directorate and the CIA revealed to the Pentagon that Soviet theft of technology was massive. To put an end to these practices and contribute to the fall of the Soviet Union, the CIA allegedly stole sensitive software and embedded a Trojan horse in it.

When the KGB ‘recovered’ the stolen software, a Trojan horse was automatically installed in the pipeline control system. Excessive pressure was created, which eventually caused the pipeline to explode.

Unclear circumstances
The facts behind the incident were never confirmed. Thanks to the book by Thomas C. Reed, former special assistant to President Ronald Reagan, and the account of American national security advisor Richard Allen, we now know a little more about this cyberattack and the Deception Program, which aimed to discredit Soviet technology.

The story of “Farewell” was adapted for cinema in 2009 with the French film Farewell (L’Affaire Farewell), starring Emir Kusturica and Guillaume Canet.

Security flaws hidden deep within software programs

Although disputed, this cyber incident highlights the importance of being wary of imported software, which can hide backdoors and malicious programs. As vectors of intrusion into IT systems, these can cause serious material damage, especially when they are used against critical infrastructures.

To arm yourself against these attacks, you need to implement protection measures for your industrial systems:

  • Running an audit on the source code of software used to control critical infrastructures allows you to ensure it is free of security flaws and malicious programs.
  • Installing security mechanisms on servers kept separate from the IT system guarantees the integrity of networks and the effectiveness of security procedures.

Whether on a strategic or financial level, this type of incident shows how important it is for countries and heads of industrial infrastructures alike to protect themselves against industrial cybersabotage. It is essential to secure strategic industrial systems by protecting them against malicious programs.

Want to dig deeper?
This is not the first time we have talked about a pipeline explosion in The Sentryo Files: find out more about the attack on the BTC pipeline in 2008.

Sources: reports drafted by the SCADA work group of the French Information Security Club (Clusif) in 2017.