top of page
Writer's pictureToBeSecured

Ransomware Attack on the Colonial Pipeline

Welcome back to another post from ToBeSecured and Happy Wednesday. On tomorrow, I will be dropping my 2nd interview via my Instagram page: ToBeSecured with a special guest. This will be an extension to Episode 50, which I released on yesterday and discussed the release of the new iOS 14.6 update and that it is now available for download/installation. If you haven't already, tune in and update your devices to the latest version to protect against any vulnerabilities, bugs, and fix any issue with Apple's apps (Ex: Apple Podcasts).


On today, I want to talk about the recent ransomware attack on the Colonial Pipeline that caused gas shortages and panic buying in Eastern U.S. A bad actor made a direct attempt on United States utilities, in this case a critical fuel pipeline that runs for 5,500 miles and supplies coastal states from Texas up along the East Coast to New York.

Ransomware, which is primarily criminal and profit-driven, can rise to the level of posing a national security risk and disrupt national critical functions. After several days of investigation by the FBI, a new for-profit ransomware gang called DarkSide is being targeted. However, DarkSide has issued a statement shifting the blame for the ransomware attack to “an affiliate,” indicating that the actual culprit may have been a hapless ransomware-as-a-service customer that may not have had much idea of what it was doing.


The shutdown threatened to disrupt airplane travel and mass transit and resulted in a $4.4 million ransom payment to foreign hackers, according to the pipeline's CEO. Senior DHS (Department of Homeland Security) officials told reporters this week that "the Colonial Pipeline incident and the broader range of ransomware attacks in the past several months have created a public consciousness of cybersecurity threats that arguably we haven't seen in the past decade." In the wake of the Colonial Pipeline attack, the White House has launched a new strategy to tackle the growing threat to critical infrastructure beyond the isolated efforts of DHS and the Justice Department.


The Biden administration will mandate cybersecurity regulations for the nation's leading pipeline companies. Previously, voluntary guidelines were given to industry leaders. The new security directive issued by the Department of Homeland Security (DHS) will require pipeline companies to report cyber incidents to federal authorities. The security directive is part of a larger "strategic plan" by DHS to protect against future cyber incidents like the Colonial Pipeline attack, according to senior agency officials.


The TSA division responsible for securing the nation's 2.7 million miles of pipeline had just five full-time employees in 2019, none with cybersecurity expertise, according to a TSA official. "We have [no employees] that have specific cybersecurity expertise," Sonya Proctor, director of the Surface Division for the Office of Security Policy and Industry Engagement at TSA, told lawmakers at a February 26 House Homeland Security Committee hearing. "They do have pipeline expertise, but not cybersecurity expertise."


That has since changed. DHS officials told CBS News that "[TSA] does have trained staff in place now for pipeline security both on the cybersecurity side and on the physical security side." A senior DHS official said the agency's cybersecurity group "received extensive training from Idaho National Laboratory, along with some additional training from CISA." For weeks, the Biden administration and lawmakers have voiced concerns about a lack of strict cybersecurity regulations for gas and oil pipeline operators, reigniting the debate for greater company accountable in securing U.S. infrastructure against cyber threats.


Companies that fail to comply with the TSA directive will be subject to financial penalties imposed on a daily basis, resulting in compounded costs, one senior DHS official said.


What are your thoughts on this topic? Subscribe to my blog if you haven't already and follow my Instagram - ToBeSecured for CyberTuesday vlogs. I have launched my YouTube channel and you can find me by simply typing Kassirer Dunn into the search engine. Thank you for tuning in and remember ToBeSecured!



11 views0 comments

Recent Posts

See All

Comments


bottom of page