Security for LNG Terminals and Gas Infrastructure | CloseProtectionHire

LNG terminals occupy a distinct position in the critical national infrastructure landscape. They are simultaneously maritime infrastructure – subject to the ISPS Code and maritime security regulation – and onshore chemical process sites subject to COMAH 2015, National Infrastructure Security requirements, and physical security standards designed for fixed industrial facilities. Managing both frameworks simultaneously, across a site that includes jetty infrastructure, cryogenic storage tanks, regasification units, and gas send-out metering stations, requires a security approach that integrates maritime, industrial, and personnel security disciplines.

The security baseline for LNG terminals is shaped by two parallel forces: the post-2022 European energy security environment, which accelerated physical resilience reviews across all gas infrastructure, and the P1 market operating context, where community grievance, militant activity, and theft from infrastructure add threat categories not covered by the European regulatory framework.

Regulatory Framework: COMAH and ISPS

LNG stored in receiving terminal tanks almost invariably exceeds the 50-tonne threshold for flammable liquefied gas that triggers top-tier status under the Control of Major Accident Hazards Regulations 2015 (COMAH 2015). A top-tier site must maintain a Safety Management System, a Major Accident Prevention Policy, an on-site emergency plan, and an External Emergency Plan coordinated with local emergency services. The physical security plan is a component of the COMAH safety case, reviewed by the Health and Safety Executive and Environment Agency joint competent authority.

The ISPS Code (International Ship and Port Facility Security Code, implementing SOLAS Chapter XI-2, in force since 2004) requires every LNG receiving terminal to appoint a Port Facility Security Officer (PFSO), develop a Port Facility Security Plan (PFSP) covering threat assessment, access control, cargo security, and monitoring systems, and maintain continuous Security Level coordination with vessel Security Officers on incoming LNG carriers.

The maritime exclusion zone of 500 metres around an LNG carrier at berth is enforced under IALA guidance and by national Maritime and Coastguard Agency or Coast Guard authorities. Within that zone, access by water is prohibited without prior authorisation. The jetty perimeter – above and below the waterline – requires surveillance coverage and patrol.

Nord Stream and the European Threat Baseline

On 26 September 2022, four deliberate explosions caused leaks on Nord Stream 1 and Nord Stream 2 pipelines in the Baltic Sea, permanently disabling three of the four pipes. Multiple investigations – by Germany, Sweden, Denmark, the US Senate Select Committee on Intelligence, and independent technical bodies – confirmed deliberate sabotage. Attribution remains contested in public reporting as of 2025.

The operational security implication across European gas infrastructure was immediate. ENTSO-G (European Network of Transmission System Operators for Gas) coordinated emergency physical security reviews of member TSO infrastructure. The EU’s Critical Entities Resilience Directive (CER Directive 2022/2557), adopted in December 2022, formally extended physical resilience obligations to energy operators including gas TSOs and LNG terminal operators – requiring threat-based risk assessments, incident reporting, and physical resilience measures.

The Industroyer2 attack on Ukrainian electrical infrastructure in April 2022 (attributed to Sandworm by ESET and Mandiant) demonstrated that state-affiliated actors had both the intent and capability to attack energy infrastructure with consequences for civilian populations. Gas infrastructure security planning that does not account for state-level adversary capability is now considered inadequate by European regulatory and intelligence standards.

Compressor Station Security

Gas transmission compressor stations are high-consequence, long-lead-time targets. A large gas turbine-driven compressor unit from Rolls-Royce, Solar Turbines, or GE has a replacement lead time of twelve to twenty-four months. A successful sabotage event at a critical compressor station – fire, explosive damage to the unit, deliberate introduction of contamination to the lubrication system – can effectively take a pipeline route offline for over a year.

Physical security of compressor stations must reflect this consequence severity. Standard requirements include perimeter fencing with intrusion detection, CCTV with 24/7 recording and monitoring, controlled vehicle access with entry authorisation logging, building access control with role-based permissions, ICS/SCADA system physical access control (NERC CIP-006 equivalent), and security patrol at intervals proportionate to site risk level.

Insider threat is the most frequently documented attack vector at gas process infrastructure. CISA and FBI Joint Advisory AA22-083A (March 2022) specifically identified insider placement at critical infrastructure as an ongoing threat from nation-state actors. Personnel security – pre-employment vetting, ongoing screening, access review cycles, and anomaly detection for abnormal access patterns – is an operational requirement at COMAH top-tier gas sites.

Pipeline Inspection Security in P1 Markets

Gas transmission pipelines in P1 country markets cross terrain that creates security requirements beyond the European standard.

Nigeria. Nigeria LNG Limited (NLNG), Onne Port – the Trans-Niger Pipeline and Eastern Gas Gathering System run through the Niger Delta, where historically high levels of militant activity (Movement for the Emancipation of the Niger Delta, MEND, and successor armed groups) have led to multiple pipeline attacks and oil bunkering operations. Inspection teams operating on foot or in light vehicles in pipeline right-of-way areas in Rivers and Bayelsa States require armed escort, advance route reconnaissance, and a communication and emergency response plan aligned with the NLNG security operations function. The Bodo-Bonny road and the approach routes to NLNG’s Bonny Island terminal have been recurring incident sites.

Pakistan. The Sui Northern and Sui Southern gas pipeline networks cross Balochistan Province, where Baloch nationalist insurgent groups have conducted systematic attacks on gas infrastructure since 2004. Pakistan Sui Gas attack data compiled by the ACLED database records over 300 incidents on gas infrastructure in Balochistan in the decade to 2024. Inspection teams require high-spec escort, communications redundancy, and medical evacuation planning.

Indonesia. Pertamina Gas pipeline infrastructure in parts of Sumatra and Kalimantan operates in areas with active community grievance dynamics and, in some districts, residual separatist or Islamist armed group activity. The physical security requirement varies significantly by province and must be calibrated to current threat assessments rather than historical assumptions.

Colombia. The Transgas and Ocensa pipeline systems cross areas historically contested by FARC dissident groups and ELN. The 2016 FARC peace agreement reduced but did not eliminate this threat. ELN has continued infrastructure attacks as a tactical instrument in negotiation periods. Security requirements for inspection teams in ELN-affected departments – Arauca, Norte de Santander, Choco – include armed escort and dynamic threat assessment.

LNG Terminal Security in P1 Ports

Mombasa, Kenya. Kenya’s developing LNG import infrastructure is linked to the general port security environment at Mombasa, which requires ISPS-compliant port facility security alongside land-side access control appropriate for the Kenyan security context.

Karachi, Pakistan. The Engro Elengy LNG terminal at Port Qasim Karachi operates in an environment requiring armed security detail for key personnel during non-routine site visits, and a robust vetting programme for contractors and maintenance personnel given the Karachi general security context.

Lagos, Nigeria. Nigeria LNG and associated receiving infrastructure in Lagos operate within the broad Lagos security environment – requiring vehicle access control, personnel vetting, and close protection for senior executives and visiting international personnel at the higher end of what European LNG operators would regard as baseline practice.

Drone and UAS Threat

Commercial UAS present a surveillance and kinetic threat to LNG facilities. A drone carrying an incendiary payload over a vaporisation unit, flare stack, or cryogenic storage tank creates a material incident risk. The UK Civil Aviation Authority CAP 1611 (Unmanned Aircraft Systems Operations in UK Airspace) includes specific guidance for critical infrastructure operators on UAS threat assessment and countermeasures. Counter-UAS systems – passive detection, active jamming, physical intercept – require spectrum licencing and coordination with relevant national authority (Ofcom in the UK, FCC in the US) before deployment.

Physical security assessment of LNG facilities now routinely includes a UAS threat scenario, with countermeasures proportionate to the facility’s consequence profile.

For chemical plant and HAZMAT site security – where COMAH top-tier obligations, process-safety and physical-security integration, vehicle access control, and insider threat management create a comparable regulatory and operational framework – see our security for chemical plants and hazmat sites guide. For nuclear energy facilities, where CNI designation, NPSA physical protection standards, and state-level adversary threat create a parallel but more heavily regulated infrastructure security context – see our security for nuclear energy facilities guide. For counter-UAS operations at LNG and gas facilities specifically – including the DID (Detect-Identify-Defeat) framework, UK CTBSA 2019 ATCO powers, sensor deployment models, and the operational lessons from Ukraine’s gas infrastructure drone campaign – see our counter-UAS and drone operations security guide.

Sources

COMAH 2015: Control of Major Accident Hazards Regulations 2015 (SI 2015/483). ISPS Code: International Ship and Port Facility Security Code, IMO, in force July 2004. ENTSO-G: Gas Infrastructure Security Assessment, European Network of Transmission System Operators for Gas, 2023. EU CER Directive 2022/2557: Directive on the Resilience of Critical Entities, December 2022. ESET/Mandiant: Industroyer2 – Industroyer’s Cousin Targeting Ukrainian Power Grid (April 2022). CISA/FBI: Advisory AA22-083A – Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector, March 2022. Nord Stream investigation: German Federal Prosecutor’s Office case file reference 2022 (ongoing), Swedish investigation closed 2024. NERC CIP-006: Physical Security of BES Cyber Systems, NERC, current version. ACLED: Pakistan Conflict Data – Gas Infrastructure Incidents Balochistan 2014-2024. Nigeria LNG Limited: NLNG Community Relations and Security Reporting 2023. UK CAA CAP 1611: Unmanned Aircraft System Operations in UK Airspace, 2021.

James Whitfield is a Senior Security Consultant with 20 years of experience in critical infrastructure protection, energy sector security, and corporate risk management across global markets.