The original supply chain attack was to supply a manipulated control software which changed turbine and valve configurations so that the pipeline was running with unsafe levels of pressure.
Eventually the pressure was too much and the line burst.
The manipulations were subtle enough that personnel couldn't easily distinguish them from normal operation - which is why the attack went undetected until the explosion happened.
In the current case however, the pipeline was already shut down and the pressure levels where monitored on the european side (and probably on the russian side too). A cyberattack would have to turn the turbines back on while also rigging the monitoring stations on both sides in such a way that everyone still believes the pipeline is off. (And hope no one physically present at the stations wonders why turbines for a pipeline that's supposed to be off are running at full speed)
I think Ockham's razor would favourite the submarine hypothesis here :)
The original supply chain attack was to supply a manipulated control software which changed turbine and valve configurations so that the pipeline was running with unsafe levels of pressure.
Eventually the pressure was too much and the line burst.
The manipulations were subtle enough that personnel couldn't easily distinguish them from normal operation - which is why the attack went undetected until the explosion happened.
In the current case however, the pipeline was already shut down and the pressure levels where monitored on the european side (and probably on the russian side too). A cyberattack would have to turn the turbines back on while also rigging the monitoring stations on both sides in such a way that everyone still believes the pipeline is off. (And hope no one physically present at the stations wonders why turbines for a pipeline that's supposed to be off are running at full speed)
I think Ockham's razor would favourite the submarine hypothesis here :)