Posted on 05/08/2021 10:33:09 AM PDT by Beave Meister
WASHINGTON (AP) — A U.S. energy company says a cyberattack forced it to temporarily halt all operations on a major pipeline that delivers roughly 45% of all fuel consumed on the East Coast.
Colonial Pipeline said the attack took place Friday and also affected some of its information technology systems. The company transports gasoline, diesel, jet fuel and home heating oil from refineries primarily located on the Gulf Coast through pipelines running from Texas to New Jersey.
The Alpharetta, Georgia-based company said it hired an outside cybersecurity firm to investigate the nature and scope of the attack and has also contacted law enforcement and federal agencies.
“Colonial Pipeline is taking steps to understand and resolve this issue,” the company said in a late Friday statement. “At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline.”
Oil analyst Andy Lipow said the impact of the attack on fuel supplies and prices depends on how long the pipeline is down. An outage of one or two days would be minimal, he said, but an outage of five or six days could cause shortages and price hikes, particularly in an area stretching from central Alabama to the Washington, D.C., area.
Lipow said a key concern about a lengthy delay would be the supply of jet fuel needed to keep major airports operating, like those in Atlanta and Charlotte, North Carolina.
(Excerpt) Read more at citizenfreepress.com ...
Amen to that!
That's true. But the pipeline controllers and associated computers should be insulated from almost all of the workers.
At least they hired a cybersecurity firm to advise them. Maybe they will harden their system.
The firm I work for was hacked by the Chinese about 6 years ago. They continue to harden systems. They hired white knight hackers to hack our systems and show us our vulnerabilities.
This is from our enemies like China and Russia. No one else would target our infrastructure like this.
Yes. I know firsthand a lot of Chinese students and employees at a big university were only there to send passwords, usernames and details about gaining access back to China.
IT guy said to me there are hundreds of external attempts to break in each day at this one university. Listed China and Russia but many others. It does not even do any defense or research work. However, my idea is they communicate with the ones who do, and especially with the big research and tech companies elsewhere. Might ask for technical journal articles or scientific papers on file.
So, gain access to the unimportant university then use their passwords to access the others with defense and high security data. Indirect but works eventually if one person makes a mistake due to phishing. Especially with those real appearing false web pages and counterfeit email setups.
Saw one diagram showing how they do it. One panel was “Bill, is this genuine?” with counterfeit fraudster replying using the real looking information “Sure, Ted. I had dealings with him and he’s legit. Stop worrying.”
We only managed the Carter gas rationing era because my mom was a mail carrier and could fill up every day.
“Up 10 cents since yesterday.”
Same here, and the gas tanker was pulling in as I was pulling out. I’ll have to see if prices go up again.
Or at least look at it as a proof of concept for a new weapon to be developed and used at some time in the future by our enemies.
“whoever was visiting sites they shouldn’t have on company computers”
There are some systems that should not be connected to the internet. The problem is good old fashioned hubris on the part of people who design and deploy these systems. They truly believe that nobody can hack THEIR program or penetrate THEIR firewall.
“Just topped off my tank 2.99/ gal. Up 10 cents since yesterday.”
I just got back from topping off. $2.65 outside of Raleigh. No panic apparent. Yet.
Has ransomware been confirmed?
Earlier in the day it was only suspected.
“Conversely, the remedy for the attack, short of paying the extortion money, is to restore everything from backups, which hopefully was snapshot *before* the ransomware attack and stored offline.”
I’ve consulted on this subject dozens of times, companies big and small.
Almost nobody can restore their key services and applications from back-ups. And fewer still have ever tested their REAL ability to do so.
Too many companies do not take IT as seriously as they ought to, and it’s often the first budget cut.
Then BAM! they’re out of business.
“This is from our enemies like China and Russia. No one else would target our infrastructure like this.”
If it was one of them there would be fires and explosions, real damage.
Sounds like North Korea’s style. He has thousands of folks doing ransomware stuff every day.
There are probably 100 high school kids that could pull this off at a company that only gives lip service to security.
Which is no less than 50% of the Fortune 500, and just about everybody else.
The pipeline between Texas and NJ is a national security risk. There is no effing way the NSA is not all over their security. This is not some group of high school kids.
“There is no effing way the NSA is not all over their security. This is not some group of high school kids.”
I assure you the NSA was not involved, at least until yesterday. This is the realm of FBI and DHS/CISA.
While there are specific regulations for critical infrastructure, they are really not seriously enforced. There is no lawful way to do that, though folks may want to consider it given the importance.
I was involved with an incident where a major defense contractor and manufacturer was compromised entirely.
Of course that was China.
But it happens all the time with major corporations. Most of them you never hear about.
I worked in telecom for a bank. The bank regulators took this stuff very, very seriously. It was tedious how serious it was. I imagine in the years since I have been retired it’s gotten even more serious.
Glanced at title of this [not Q] thread.
Thought it read, Ransomnote attack . . .