Protecting offshore oil and gas installations
Debbie Rafferty MSc(Debz) has more than thirty years’ experience in the security and counter terrorism industry, she is currently researching a PhD in Criminology and Sociology at The University of Abertay. The following article is based on a Counter Terrorism Studies Masters Thesis titled “How do energy companies manage and mitigate the security of offshore oil and gas installations?” submitted to Liverpool John Moores University in 2020, and presented at the recent International Security Expo in London last September
In the 1970s, offshore maritime terrorism was identified a clear and present insidious danger. What is the menace? Oil and gas installations are susceptible to attacks - disruption by an operative or saboteur who permeates the crew, appropriation by an effective and organised terrorist faction, subaquatic attack by a diver or submarine and an unrestrained strike by an antagonistic power (Townsend, 1975). However, this is the 21st century and evidentially subversive attacks could be launched in many more sophisticated guises, including but not limited to, cyber, insider threat, insurgency infiltration via small boat, drones, light aircraft, safety boat, and helicopters used to transport rig staff, coupled with the current cold war enigma installations in the North Sea, the oil and gas infrastructure is increasingly vulnerable. So much so the UK has launched an exigent security review of North Sea energy pipelines after Russian ‘sabotage.’ Increasingly, extreme political groups have resorted to sabotage and hijacking in Britain and throughout the world. The foremost antidote relating to prevention was identified as a ternary stratagem comprising of Planning, Preparedness, and Performance. Therefore, from the aforesaid, one may presuppose that the past informs the present and subtly seeps into the future. The online magazine Rigzone reported that from 22 May 2022, in the Bay of Campeche, Mexico, there have been six maritime terrorism events. The attacks involved three supply vessels and offshore oil installations (MSTA) (Exarheas, 2022). Rewinding and reflecting on these events as to the why and wherefores of the incursions should supplement existing security knowledge. Further, highlighting what mitigating and moderating procedures are desirable in order to prevent similar incursions on exposed oil and gas installations in, for example, the North Sea. Circa 26 September 2022 events in Danish waters erupted because of “an act of ‘Sabotage’ on the Nord Stream gas pipe” (Sky News, 2022). It is thought the saboteur set off a series of explosions to damage the pipeline. Had this been a petroleum supply line, the environmental damage would have catastrophic. In a time of increased aggressive acts against the oil and gas industry why is the UK not taking potential threats seriously?
My recent presentation on how oil and gas companies manage and mitigate security in the North Sea highlighted security failings, along with the potential for impending occurrences. Failings that are not “secret” in nature but available to the general populous..
The Main Points
There remains an endemic culture of postulation and procrastination within the industry, with regard to the issue of insurgency and the role of the Offshore Installation Manager (OIM) in this context. This phenomenon is known as a presumption of knowledge or ‘imagined’ idea that, the OIM has specialised training to manage an unquantifiable level of security risk. This can be traced to a perceptible gap in current training and is supported by the findings of Hollnagel (2006 p.86) who alludes to risk evaluation as “work as imagined” and “work as done.”
The OIM ‘captain’ of an oil rig is supposed to maintain safe operating practises in an exceptionally hazardous environment while at the same time maximising production of a product with significant economic return to the British Government. During an interview for research purposes, rig personnel believed if there was an illegal ‘boarding’ on a rig in the North Sea the OIM would have the necessary training to deal with this situation and instruct everyone what to do. Further enquiry into the prerequisite training needed to be an OIM highlighted that there was in fact no training in the prevention of insurgency. Any training was restricted to incidents that may occur within Standard Operating Procedures, with a focus on “slips trips and falls.”
Hazard Management tools need revisiting and revamping in terms of the prediction of physical projected threats. The majority of those standardised evaluation systems used across the oil and gas industry are located within the “lessons learned” and “pass process failures prevention.” Thus, there is a necessity to step back from the ‘knee jerk’ responses and a move towards a proactive dynamic predictive process. A note should be made that if the sector exists in a bubble of “the past is a reflection of the past” then why is data not collated to inform the future. Collating data from for instance, the Bay of Campeche events would inform the structure and content of training modules to mitigate and manage similar incursions.
Threat defence mechanisms remain focused on threats such as, the negligent and malicious insider. The attitude that although the threat is not perceptible does not mean it does not exist.
External threats from anti-petroleum movements who plant explosives on gas lines are becoming more frequent, and yet there is no Tactical Evaluation simulations or pre-emptive response training across the industry.
Current response mechanisms are outdated, and although may appear expedient on paper there is an ever-increasing gap between the reaction procedures and actual real life ‘planned responses’ if there is an event. A constant reminder is the Piper Alpha in the North Sea tragedy when a substantial leakage of gas condensate on the rig caused an unprecedented disaster. This took all of 22 minutes to unfold, 167 souls were lost and the Occidental Petroleum Corporation settled to pay $180 million in reparation to victims’ families and survivors. Overall, the Piper Alpha tragedy incurred a $3.4 billion USD loss in revenue.
There are defence mechanisms in place, in the shape of a ‘safety vessel’ nonetheless inquiry has shown that often these vessels are not fit for purpose. On the other hand, Norway employs custom-built boats, while the UK relies on antiquated trailers and tugboats. Likewise safety zones and existing maritime measures are not ideal, short comings were identified by Assaf Harel (As far back as 2012). Hitherto, the frequent incursions by environmentalist groups have had little effect on the up to date ‘be prepared training’.
Response at National level is now restricted, largely by location. Amalgamation and relocation of military and maritime defences has increased an estimated response time more than 4 hours, even though Piper Alpha was devastated in 22 minutes. Lack of external learning was cited in the Cullen report (Reid 2020). Therefore, illustrating the difficulty that companies have in learning from disasters that occur elsewhere.
Government strategies have continually been challenged by scholars, and on closer inspection emergency strategies appear robust and integral on paper these strategies have not been rehearsed by the sector and/or policy makers. Legal devolution has resulted the division of the UK. This division has brought about national policies that satisfy English and Scottish law.
Given the importance of the human resources, sector and commodities produced, there is a lack of investment into specialised trained and qualified response personnel to manage extremist threats.
The initial research carried out regarding ‘How oil and gas companies manage and mitigate security in the North Sea’ reveals conspicuous and concerning vulnerabilities. There are however uncomplicated solutions to overcome these weaknesses in the North Sea.
Include pre-emptive training of all oil and gas personnel, specific to anti incursion and proactive responses to intended threats.
Intensify the powers of arrest for the OIM and inclusion of a counter insurgency module as part of the OIM course.
Include an Offshore Security Manager who can conduct on location risk assessments and design practical standard operating procedures (one per rig).
Employ a researcher within the company framework who can investigate and review the under currents of global socio-political-economic developments that may precipitate insurgent events. Further, this person could liaise with the Operations Security Manager to utilise the ‘lessons learned’ to generate effective processes and procedures in response to evolving threat situations.
There may be those readers who perceive that the information contained within this article will update unscrupulous individuals about national offshore security integrity and weaknesses. In response to this is that the existing vulnerabilities are already common knowledge. Finally, this is not a fictitious issue there is an imminent clear and present danger, and evidence indicates that this is accelerating. There is an expenditure effective solution which can be implemented to manage/mitigate and protect personnel, installations and avoid financial loss.
Thanks to Margaret A. McLay (MA, MSc, MEd) who contributed to the research and presentation of this article.