720-891-1663

Alerts, Best Practices

Fallout of the Colonial Pipeline Attack

Leave a comment

It is interesting that this attack has captured the attention of consumers and government alike.

For those of you not affected, the Colonial Pipeline company runs the major pipeline for refined petroleum products between Houston and New Jersey with many stops in between. The pipeline covers 5,500 millions and moves 100 million gallons of fuel a day, supporting cars, trucks, airplanes and power plants. That represents almost half of the fuel for the east coast.

Since last Friday the pipeline has been shut down and there are already spot shortages on the east coast. More shortages to come. Hoarding has already started.

The big (public) questions right now is how did the hackers get in and if the got in by way of the business (IT) network, how did they jump over to the pipeline (OT) network.

While Colonial said that they shut things down as a precaution, if they thought the OT network was safe they would not have shut down that network.

The pipeline was shut down Friday. This is Tuesday night and they say it will take a few more days to bring the pipeline up and then a few more days to fill it.

Here is one interesting tidbit that could explain a lot. Apparently the TSA manages the country’s pipeline security program. Do I need to say more? OMB did an assessment in 2018 and made a series of recommendations to improve security. Credit: Security Week

The attack has forced the DoE to issue emergency waivers for truckers to help fill the void, but at 1 million gallons a day, and if we assume that tankers hold 10,000 gallons, that would require a hundred extra tanker trips a day. Definitely possible, but hard to do with no warning.

Colonial hired FireEye to investigate. They are among the best in the business, so it is likely they will get to the bottom of things, but it is not easy.

There are a lot of federal agencies involved from Energy to Commerce to Justice to CISA and others.

Everyone believes the attack is tied to Russia, but at least at this point, they are not tying it directly to Putin, but that will likely happen. Credit: CSO Online

The reality of the challenge is this. The White House, at a briefing after the attack, said that the onus on protecting the country is on the private sector.

The feds offered Colonial their “help”, but Colonial declined. I can’t even imagine the lawsuits that are going to come out of this.

Darkside, the hacking group claiming responsibility for this, is claiming that they are sorry and will do better at picking targets. Likely this is an effort to avoid getting a bullet to the back of the head by Putin’s team. Credit: SC Magazine

The message from this attack and based on the successful attack on a Florida water system and the attempted attack on a Kansas water system recently, is that we, at this point, cannot say that we can protect our critical infrastructure. It is only a matter of time before we have an attack of major proportions. Hate to be a pessimist, but I don’t see any other outcome. Maybe I will be wrong. Remember it was only a couple of months ago that we lost the power grid in Texas. While that was not due to an attack, it does point out how fragile things are and how massive the consequences are.

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2024 CyberCecurity, All rights reserved. Privacy Policy