Critical Pipeline Network Shut Down By Hackers

Uploaded on 2021-05-11 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Production-Utilities

A critical oil pipeline  which supplies 45 percent of the east coast fuel supply has shut-down all pipeline operations after being hacked. Colonial Pipeline has said that it was the victim of “a cybersecurity attack.... In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT system."

Colonial’s network supplies fuel from US refiners on the Gulf Coast to the populous eastern and southern United States. The company transports 2.5 million barrels per day of gasoline, diesel, jet fuel and other refined products through 8,850km (5,500 miles) of pipelines.

This attack appears to have compromised systems that control pipeline infrastructure indicates that either the attack was extremely sophisticated or the systems were not well secured. “This pipeline shutdown sends the message that core elements of our national infrastructure continue to be vulnerable to cyber attack,” Prof. Mike Chapple, security expert and former computer scientist with the US National Security Agency told the Reuters news agency.

In its statement, the company said it had hired a private security firm to investigate the hack and contacted law enforcement and US federal authorities. “At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway,” it said.

The US Has Suffered Two Major Cyber Security Breaches.

  • The disastrous SolarWinds hack has compromised thousands of US government and private-sector computer networks and was officially blamed on Russia;
  • A widespread cyber attack focused on Microsoft email servers is believed to have affected at least 30,000 US organisations including local governments and was attributed to an aggressive Chinese cyber-espionage campaign.

Both these attacks appeared to be aimed at stealing emails and data but they also create effective ways that can be used to attack the physical infrastructure, however as more details emerge there are a concerns that this may be an extreme criminal attack to extract ransom.

Update:  The  Colonial Pipeline hack has enterd its third day following a ransomware attack on Friday, forcing it to shut down all pipeline operations, although some parts of the network are resuming reduced operationsIf the  pipeline can be restored by Wednesday, it is understood there will be to no long-term impact of the ransomware attack, however, If the shutdown continues, southern states will be the first to experience higher gasoline prices. 

The FBI has blamed the attack on a Russian criminal group, 'DarkSide', thought to have been responsible for attacks on more than 80 companies across the US and Europe to date. DarkSide claims that they do not attack medical, educational or government targets and that they donate a portion of the money they extort to charity. 

FBI:     ABC:      Bloomberg:     Reuters:       ColPipe:      Al Jazeera:     Wired:       Independent

You Might Also Read:

US Sanctions Russia In Retaliation For Cyber Attacks:

 

« Apple Hammered By EU
Covid-19 Has Launched A Pandemic Of Cyber Crime »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IASME Consortium

IASME Consortium

IASME is one of five companies appointed as Accreditation Bodies for assessing and certifying against the UK Government's Cyber Essentials Scheme.

ODVA

ODVA

ODVA is a global trade and standards development organization whose members comprise the world’s leading industrial automation companies.

Risk Ident

Risk Ident

RISK IDENT specializes in supporting enterprises in identifying and preventing criminal activity like payment fraud, account takeovers and identity theft.

Industrial Internet Consortium (IIC)

Industrial Internet Consortium (IIC)

The Industrial Internet Consortium is the world's leading organization transforming business and society by accelerating the Industrial Internet of Things (IIoT).

Intercast Global

Intercast Global

Intercast's mission is to be a strategic resource to our clients in Risk Reduction. We are a global leader in cyber security staffing and consulting to the enterprise.

Optimum Speciality Risks

Optimum Speciality Risks

Optimum Speciality Risks are an experienced team of cyber insurance experts, backed by Lloyds of London.

Snowflake

Snowflake

Empower your cybersecurity and compliance teams with Snowflake. Gain full visibility into security logs, at massive scale, while reducing costs of Security Information and Event Management systems.

ABCsolutions

ABCsolutions

ABCsolutions is dedicated to assisting businesses and professionals achieve compliance with federal anti-money laundering regulations in an intelligent and pragmatic way.

Harvey Nash

Harvey Nash

Harvey Nash is a leading global provider of talent and technology solutions.

SpeQtral

SpeQtral

SpeQtral offers commercial space-based Quantum Key Distribution (QKD) founded on technology developed at the National University of Singapore.

Global Market Innovators (GMI)

Global Market Innovators (GMI)

Global Market Innovators (GMI) delivers secure technology solutions to organizations in need.

BAE Systems

BAE Systems

BAE Systems develop, engineer, manufacture, and support products and systems to deliver military capability, protect national security, and keep critical information and infrastructure secure.

Abacus Group

Abacus Group

Abacus Group is a global IT services firm for alternative investment firms, providing an enterprise technology platform specifically designed to meet the unique needs of financial services.

MyKRIS Asia

MyKRIS Asia

MyKRIS specialise in providing and managing Internet network services and cyber security services to enterprises.

CAT Labs

CAT Labs

CAT Labs is building digital asset recovery and cybersecurity tools to enable governments to fight crypto crime and to protect investors from hacks, fraud and scams.

Aegis Cyber Defense Systems

Aegis Cyber Defense Systems

AEGIS is a powerful cybersecurity tool that can help protect your devices and networks from cyber threats, and increase performance.