Home Tech Colonial Pipeline Hack Reveals Weaknesses in US Cybersecurity

Colonial Pipeline Hack Reveals Weaknesses in US Cybersecurity

by Mary Sewell

For years, government officials and industry executives have run elaborate simulations of a targeted cyberattack on the power grid or gas pipelines in the United States, imagining how the country would respond.

But when the real, this-is-not-a-drill moment arrived, it didn’t look anything like the war games.

The attacker was not a terror group or a hostile state like Russia, China, or Iran, as assumed in the simulations. It was a criminal extortion ring. The goal was not to disrupt the economy by taking a pipeline offline but to hold corporate data for ransom.

The most visible effects — long lines of nervous motorists at gas stations — stemmed not from a government response but from a decision by the victim, Colonial Pipeline, which controls nearly half the gasoline, jet fuel, and diesel flowing along the East Coast, to turn off the spigot. It did so out of concern that the malware that had infected its back-office functions could make it difficult to bill for fuel delivered along the pipeline or even spread into the pipeline’s operating system.

What happened next was a vivid example of the difference between tabletop simulations and the cascade of consequences that can follow even a relatively unsophisticated attack. The aftereffects of the episode are still playing out. Still, some of the lessons are already clear and demonstrate how far the government and private industry have to go in preventing and dealing with cyberattacks and creating rapid backup systems for when critical infrastructure goes down.

In this case, the long-held belief that the pipeline’s operations were totally isolated from the data systems locked up by DarkSide, a ransomware gang believed to be operating out of Russia, turned out to be false. And the company’s decision to turn off the pipeline touched off a series of dominoes, including panic buying at the pumps and a quiet fear inside the government that the damage could spread quickly.

A confidential assessment prepared by the Energy and Homeland Security Departments found that the country could only afford another three to five days with the Colonial pipeline shut down before buses and other mass transit would have to limit operations because of a lack of diesel fuel. The report said that chemical factories and refinery operations would also shut down because there would be no way to distribute what they produced.

You may also like

Leave a Comment