It’s called liquid gold for a reason.
Even though diesel prices have fallen in recent months, it’s still an enormously valuable commodity. In developing economies across Asia and Africa – where a tank of diesel can easily represent the equivalent of several months’ salary – the incentive for theft is sadly all too evident.
Across Africa the problem is particularly acute. In South Africa, for example, telecom companies such as MTN and Vodacom face substantial losses due to vandalism and theft. MTN South Africa reported spending $78.9 million to combat these issues in 2023 alone. Despite partnering with local police and communities to enhance security through measures such as CCTV, panic buttons, and reinforced site containers, incidents of theft and vandalism persist – with one global MNO allegedly experiencing monthly losses of approximately $6.8 million due to these crimes.
The situation is similarly dire in Asia, particularly India, where fuel theft from cell towers is rampant. Telecom companies in rural areas face frequent power outages, making diesel generators essential for maintaining network services. This dependency creates opportunities for fuel theft, which in turn increases operational costs and impacts service reliability.
Since eliminating theft entirely is regarded as unrealistic – especially given the perceived enormity of the financial rewards - the TowerCos’ endgame has become somewhat pragmatic. Rather than trying to make it 100% impossible to steal from your tower (so goes the thinking), simply make it more difficult to steal from your tower than it is from your neighbour's. Let the thieves do their business... elsewhere.
At the most basic level, improved site security – perimeter defences, access control, automated lighting, on-site security guards – all play their part in mitigating losses from theft, usually targeted at remote and seldom-visited cell tower locations. But when the losses can be attributed sometimes to the very individuals working for the TowerCos and MNOs in plain sight as sub-contractors (and often sub-sub-contractors), the ability to keep assets safe becomes exponentially harder.
A classic old-school scam is shorting the delivery. A driver ‘delivers’ 500L to a site (at least according to the paperwork) but only puts 400L into the tank. If there’s level measurement technology present, he can cover his (or her) tracks by topping off with water, or for a longer-term (easily repeatable) short delivery, he can put rocks in the tank to the same effect. The oil reaches a certain level, the measurement telemetry (more often than not, unfortunately, a dipstick) thinks the tank is full of oil, and 500L is registered as the delivery amount.
The first data-driven line of defence in identifying a short delivery (if the low-tech rocks and diluted diesel don’t immediately give the game away) is to look at the generator runtime and correlate it to the input of fuel. If there’s an inconsistency – i.e. fewer runtime hours than the generator should have provided from the documented fuel delivery – the NOC is alerted, and an investigation can be initiated.
But in the ever-escalating arms race between poacher and game keeper, the crimes become increasingly sophisticated, and their detection requires ever more data-centric methods of connecting anomalies and identifying thievery.
In the case of the short delivery, knowing that the runtime of the generators is monitored, some have worked out ways to game the data. One method we’ve repeatedly seen in the field is by simulating, or forcibly increasing, the runtime on the generator. Runtime is usually measured by a relay that closes when power is flowing from the generator to the tower. Every minute the relay is closed represents a minute of generator runtime. Enterprising – and technically trained – criminals will forcibly close this relay when the generator isn’t running, leave it for a few hours, and then return to the site and siphon the corresponding amount of fuel from the tank.
In response, TowerCos have turned to a secondary method of calculating the generator’s actual fuel consumption: power meters. As well as counting minutes and hours of run time, the meter sits between the generator and the tower and measures energy flow – again cross-referencing the amount of power coming from the generator with the documented quantities of fuel deliveries.
Sounds foolproof, right? Since human ingenuity knows no bounds, the bad actors have responded by devising a hack. They will install a cable connection from the on-site grid power directly to the generator so - with the generator turned off but grid power flowing through the generator’s telemetry to the tower infrastructure - it looks (from the NOC perspective) as if the generator is running and burning fuel. In fact, it’s sitting idle and burning funds off the TowerCo’s OpEx.
The secret to deterring and foiling these increasingly sophisticated fuel thefts is by aggregating and triangulating different data sources. For example, when the generator is hacked, the criminals might temporarily disconnect an RMS or two on-site, then reconnect them when the theft is complete. An RMS going down is a serious event, but not in itself a theft-identifying smoking gun (many operators have a blanket policy of not paying for fuel if any fuel data is missing, but this has the unfortunate effect of creating false positives and unfairly penalises sub-contractors when the fault is not theirs). But correlate a downed RMS with two other data points from the powertrain (the identity of which we are keeping very much to ourselves, thank you very much – clever thieves also read blogs) and you’ve got good reason to suspect a crime. And if that crime has been committed by a supplier, you can take action to ensure it doesn’t happen again.
Of course, fuel theft isn’t the only way energy can be lost at a tower site. Methods of siphoning off power are no less inventive than methods of siphoning off fuel. A typical scenario occurs when temporary squatters draw energy downstream of the generator and grid connection in order to power appliances next to the tower site – whether it’s a pressure-washer for a pop-up car wash or an electric grill for an impromptu jerk barbeque. Or in even more brazen cases, running cables from a cell tower to completely power a home. Once again, it’s data correlation that can identify these thefts when power supply fluctuations in the passive infrastructure fail to align with power demand fluctuations created by the active equipment on the tower.
Criminals are becoming ever more wise to the ways in which we monitor the performance of generators and fuel usage on sites. The only way to keep ahead is the deterrent of detection - picking apart their elaborate schemes with data science tools that can aggregate and analyse every anomaly on-site and draw a conclusion from the subtle yet ultimately revealing patterns. The thieves may be able to outwit sensors on a site, but there’s nothing they can do about artificial intelligence in the cloud.
With that sort of site security, it’s your neighbours who had better start worrying.
