Critical Pipeline Network Shut Down By Hackers

A critical oil pipeline  which supplies 45 percent of the east coast fuel supply has shut-down all pipeline operations after being hacked. Colonial Pipeline has said that it was the victim of “a cybersecurity attack.... In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT system."

Colonial’s network supplies fuel from US refiners on the Gulf Coast to the populous eastern and southern United States. The company transports 2.5 million barrels per day of gasoline, diesel, jet fuel and other refined products through 8,850km (5,500 miles) of pipelines.

This attack appears to have compromised systems that control pipeline infrastructure indicates that either the attack was extremely sophisticated or the systems were not well secured. “This pipeline shutdown sends the message that core elements of our national infrastructure continue to be vulnerable to cyber attack,” Prof. Mike Chapple, security expert and former computer scientist with the US National Security Agency told the Reuters news agency.

In its statement, the company said it had hired a private security firm to investigate the hack and contacted law enforcement and US federal authorities. “At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway,” it said.

The US Has Suffered Two Major Cyber Security Breaches.

  • The disastrous SolarWinds hack has compromised thousands of US government and private-sector computer networks and was officially blamed on Russia;
  • A widespread cyber attack focused on Microsoft email servers is believed to have affected at least 30,000 US organisations including local governments and was attributed to an aggressive Chinese cyber-espionage campaign.

Both these attacks appeared to be aimed at stealing emails and data but they also create effective ways that can be used to attack the physical infrastructure, however as more details emerge there are a concerns that this may be an extreme criminal attack to extract ransom.

Update:  The  Colonial Pipeline hack has enterd its third day following a ransomware attack on Friday, forcing it to shut down all pipeline operations, although some parts of the network are resuming reduced operationsIf the  pipeline can be restored by Wednesday, it is understood there will be to no long-term impact of the ransomware attack, however, If the shutdown continues, southern states will be the first to experience higher gasoline prices. 

The FBI has blamed the attack on a Russian criminal group, 'DarkSide', thought to have been responsible for attacks on more than 80 companies across the US and Europe to date. DarkSide claims that they do not attack medical, educational or government targets and that they donate a portion of the money they extort to charity. 

FBI:     ABC:      Bloomberg:     Reuters:       ColPipe:      Al Jazeera:     Wired:       Independent

You Might Also Read:

US Sanctions Russia In Retaliation For Cyber Attacks:

 

« Apple Hammered By EU
Covid-19 Has Launched A Pandemic Of Cyber Crime »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Corero Network Security

Corero Network Security

Corero Network Security is dedicated to improving the security of the Internet through the deployment of its innovative DDoS & Network Security Solutions.

ISACA Conferences

ISACA Conferences

ISACA is dedicated to offering the most dynamic and inclusive conferences to keep you abreast of the latest advances in IT and Information Security.

Cross Identity

Cross Identity

Cross Identity (formerly Ilantus Technologies) is a complete IAM solution that is deep, comprehensive, and can be implemented even by non-IT persons.

AET Europe

AET Europe

AET Europe is specialised in creating technological solutions for user identification and authentication.

New Zealand Internet Task Force (NZITF)

New Zealand Internet Task Force (NZITF)

The New Zealand Internet Task Force (NZITF) is a non-profit with the mission of improving the cyber security posture of New Zealand.

RUSCADASEC

RUSCADASEC

RUSCADASEC is an independent non-profit initiative on developing the open Russian-speaking international community of industrial cyber security/ICS/SCADA cyber security professionals.

German Accelerator

German Accelerator

German Accelerator supports high-potential German startups in successfully entering the U.S. and Southeast Asian markets.

Calypso AI

Calypso AI

Calypso AI build software products that solve complex AI risks for national security and highly-regulated industries.

Sygnia

Sygnia

Sygnia is a cyber technology and services company, providing high-end consulting and incident response support for organizations worldwide.

Cyberwatch Finland

Cyberwatch Finland

Cyberwatch Finland's services improve decision-makers’ strategic situational picture and enable successful holistic cyber risk management.

Relatech

Relatech

Relatech is a Digital Enabler Solution Knowledge (D.E.S.K.) Company that offers digital services and solutions dedicated to the digital transformation of businesses.

US Cyber Games

US Cyber Games

US Cyber Games is committed to inform and inspire the broader community on ways to develop tomorrow’s cybersecurity workforce.

Breathe Technology

Breathe Technology

Breathe Technology has been providing Managed IT Support/ Service Desk, Cloud Services, Cyber Security & Communications to businesses and schools since 2003.

InfoSight

InfoSight

InfoSight offers proven Cyber Security, Regulatory Compliance, Risk Management and Infrastructure Solutions to protect your business and your customers from cyber crime and fraud.

METCLOUD

METCLOUD

METCLOUD is driving a cloud evolution. A cloud that promises relentless cybersecurity, performance, resilience and sustainability.

The Instillery

The Instillery

Welcome to The Instillery, where fresh thinking and strategy are blended together to support those with the spirit to dominate with digital.