Posted on 05/13/2021 5:10:35 AM PDT by Spktyr
Colonial Pipeline will soon resume its normal operations after being forced to shut down due to a ransomware attack. The company has announced that it has initiated its return to service at 5PM Eastern time on May 12th. Since it will take some time to deliver gasoline and diesel to all the areas it serves, some locations may continue suffering from fuel shortage. Colonial promises to "move as much gasoline, diesel, and jet fuel as is safely possible," though, "until markets return to normal."
The pipeline company was targeted by the DarkSide ransomware group, which demanded nearly $5 million in bitcoin. Colonial is a major source of fuel for the East Coast, and the situation triggered fuel shortages. It didn't say whether it's now able to resume fuel shipments because it paid up, but according to CNN, Colonial was able to retrieve its most important data without payment changing hands. The company reportedly worked with US agencies to take a key server offline to disrupt the cyberattack, allowing it to restore its system from backups.
CNN says Colonial paused its operations, because its billing system was compromised in the attack. It had to fix the system first before it could restart its business, and that took some time to accomplish. Colonial didn't confirm whether that truly was the case and whether it paid anything to the attackers.
CISA and the FBI confirmed that DarkSide was used as a "ransomware-as-a-service" to attack the pipeline company. In "ransomware-as-a-service" arrangements, the ransomware's developers get a piece of whatever the affiliates (the actual cyberattackers) get. A CNN source said the affiliate in this attack was likely Russian. DarkSide previously said, however, that it's apolitical and that all it wanted was to "make money."
No one believes the actual pipeline ops wasn’t hacked after being down for a week.
I saw they have a job opening for a Cybersecurity Manager posted for about a month. First question is what happened to the old CSM and has the FBI talked to them yet?
That’s gotta disappoint the energy sec. She was so happy for a day. Frightening too, one can imagine.
Stop The Crap On Colonial
https://market-ticker.org/akcs-www?post=242356
Let’s start with the stupid: Yes, what they did, assuming the reports are accurate, was stupid.
You do not connect anything that has access to SCADA, that is, control systems, to the Internet. Period. I don’t care how. I don’t care why. I don’t care what. You don’t do it. End of discussion.
Oh, but that means the employees can’t work from home! Correct.
Sit in office, work on machine, machine has zero external connectivity, no USB ports or instantly alarms if you plug something into one, etc.
Connections between facilities are encrypted over centrally-controlled infrastructure with regular audits. Nothing beyond the orbit of those devices connects to the sane and sanitary systems. Period, end of discussion, no exceptions.
Next, there are rumors that Colonial had a leak in their line and it was spewing fuel into the environment. It was allegedly supposed to be fixed by a given date. More than one million gallons of gas spewed out of it. Eight months later it was still not corrected. That was on April 19th of this year.
So what’s going on here?
[more at link]
https://market-ticker.org/akcs-www?post=242356
Please see #4, and read it all at the link.
I agree that’s how it should work. Have they ever directly said that’s how it does work? And my question about the CSM is still valid.
“A CNN source said the affiliate in this attack was likely Russian.”
An anonymous CNN source.
Now there’s a firm foundation to set foreign policy and start a war!
What was it Hearst said? “You furnish the pictures and I’ll furnish the war.”
CNN may not be able to provide the pictures, but they can sure provide the frame!
If I can easily protect my cyber security for 25 years, but a billion dollar outfit can’t? Smells fishy!
Russia Russia Russia!
That article was written by an illiterate who does not know the Internet, SCADA, or much of anything. Who the Hell uses black on gray for text except kids?
All utilities are Internet connected and do just fine. Do not take this incident at liberal media face value, that somehow a ransomware attack took out an entire network.
Where’s the NSA?
As a side note the liberals loved loved loved Russia right up to the point where the old Soviet Union abandoned the religion our liberals worship, communism.
Now the apostates are the ultimate evil, and must be destroyed!
Russia, Russia, Russia. 🙄
The price point for this restored supply will be a whole bunch higher than it was a few days ago.
Just a hunch. /s
I heard today that it was Colonial’s billing system that was hacked, and they wouldn’t sell oil until they knew they would be paid. The pipeline itself was not hacked.
This was a test... it was only a test. Understand yet? If it’s a real emergency... have fun
Correct- the only thing the hackers took was customer and internal financial data.
The pipeline has been shut down only for regulatory and compliance reasons; in other words, it’s shut down because of the administrative state.
The “billing” system was compromised so they shut the pipeline down? In other words, they shut the pipelines down, not because the control machinery was compromised, but rather, for fear they couldn’t get paid properly? Thus they shut the pipelines down while causing a hit to the economy that one estimate had it at 500 billion a day when the gas wasn’t flowing? (I think the estimate was a bit overblown and they’ll recoup much of the costs.) Oh, I think heads should roll over that mishap!
Volume & viscosity will determine what gets moved & how quickly.
Not some PR person in front of “reporters”.