Tuesday, December 27, 2016

CSB Continues to Investigate Multiple Fires at Ravard Refinery

Baton Rouge, LA

Investigators from the Chemical Safety Bored continue their investigation of multiple fires at the Rafael Ravard Refinery south of the city even as more fires break out. So far there has been no serious damage to the refinery, no deaths and limited injuries in the on-going incident. Refinery officials press on with their attempts to manually shut-down the operations.

CSB investigators showed up Saturday as fires were extinguished in Cracker #2 which was undergoing non-routine maintenance when the fires started. Additional fires in other units started while those investigators were on-site as unscheduled shut-downs started in other units.

A CSB spokesman confirmed earlier reports that the initial fire appears to be related to unplanned shutdown of electronic control system components in Cracker #2. Those shutdowns were apparently associated with the routine maintenance of a valve controller in a bypassed line in that unit.

Unconfirmed reports continue to be heard that the initial problem was caused by a software issue associated with that valve maintenance. Investigators from an unnamed federal lab in Idaho did arrive on seen on yesterday. These investigators are reportedly cybersecurity experts that work with electronic control systems.

Reports are starting to circulate that a ransomware incident involving a lap top involved in that valve maintenance may be the starting point of the incident. At least on engineer from the facility has stated that ransomware is spreading through the facility. That engineer has not been available for talks with the press.

Ransomware is an attack on computer information systems that encrypts files and requires the owner of the system to pay a ransom to have those files decrypted. There have been an increasing number of ransomware incidents being reported. Most recently the Women and Children’s Hospital here in Baton Rouge was affected and was forced shutdown many operations while backup files were used to bypass the problem.


There have been no reports from the refinery about the number of on-site first aid cases related to the fires during this incident. There have been 12 people taken to local hospitals, mainly with smoke inhalation issues. One facility fire fighter is in serious condition in with chemical burns. Names of the injured have not been publicly released.

1 comment:

  1. Hmm. I've seen a lot of hate and discontent from poorly written protocol stacks that don't interoperate well.

    Such problems can masquerade as an attack when it's really just a bunch of poorly tested releases that don't work together well.

    The notion that this was any kind of attack malware presumes that someone knows enough about the specific valve and the specific application and the specific person who might have access to that valve to effect a successful attack. That's a lot of specifics. Call me a skeptic, but I really doubt the malware thesis.

    ReplyDelete