Critical Pipeline Network Shut Down By Hackers

A critical oil pipeline  which supplies 45 percent of the east coast fuel supply has shut-down all pipeline operations after being hacked. Colonial Pipeline has said that it was the victim of “a cybersecurity attack.... In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT system."

Colonial’s network supplies fuel from US refiners on the Gulf Coast to the populous eastern and southern United States. The company transports 2.5 million barrels per day of gasoline, diesel, jet fuel and other refined products through 8,850km (5,500 miles) of pipelines.

This attack appears to have compromised systems that control pipeline infrastructure indicates that either the attack was extremely sophisticated or the systems were not well secured. “This pipeline shutdown sends the message that core elements of our national infrastructure continue to be vulnerable to cyber attack,” Prof. Mike Chapple, security expert and former computer scientist with the US National Security Agency told the Reuters news agency.

In its statement, the company said it had hired a private security firm to investigate the hack and contacted law enforcement and US federal authorities. “At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway,” it said.

The US Has Suffered Two Major Cyber Security Breaches.

  • The disastrous SolarWinds hack has compromised thousands of US government and private-sector computer networks and was officially blamed on Russia;
  • A widespread cyber attack focused on Microsoft email servers is believed to have affected at least 30,000 US organisations including local governments and was attributed to an aggressive Chinese cyber-espionage campaign.

Both these attacks appeared to be aimed at stealing emails and data but they also create effective ways that can be used to attack the physical infrastructure, however as more details emerge there are a concerns that this may be an extreme criminal attack to extract ransom.

Update:  The  Colonial Pipeline hack has enterd its third day following a ransomware attack on Friday, forcing it to shut down all pipeline operations, although some parts of the network are resuming reduced operationsIf the  pipeline can be restored by Wednesday, it is understood there will be to no long-term impact of the ransomware attack, however, If the shutdown continues, southern states will be the first to experience higher gasoline prices. 

The FBI has blamed the attack on a Russian criminal group, 'DarkSide', thought to have been responsible for attacks on more than 80 companies across the US and Europe to date. DarkSide claims that they do not attack medical, educational or government targets and that they donate a portion of the money they extort to charity. 

FBI:     ABC:      Bloomberg:     Reuters:       ColPipe:      Al Jazeera:     Wired:       Independent

You Might Also Read:

US Sanctions Russia In Retaliation For Cyber Attacks:

 

« Apple Hammered By EU
Covid-19 Has Launched A Pandemic Of Cyber Crime »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Maureen Data Systems (MDS)

Maureen Data Systems (MDS)

Our mission at Maureen Data Systems is to digitally transform business environments with the use of cloud infrastructure, security and privacy controls, data analytics, and managed services.

a1qa

a1qa

a1qa specializes in the delivery of full-cycle software QA and application testing services.

Ionic Security

Ionic Security

Ionic provide a high-assurance data protection and control platform built on strong encryption, fine-grain control and contextual analytics.

Mission Secure (MSi)

Mission Secure (MSi)

MSi is a specialized provider of next generation cyber defense solutions protecting control systems and critical physical assets in energy, transportation and defense.

LinOTP

LinOTP

LinOTP is an enterprise level, innovative, flexible and versatile OTP-platform for strong authentication.

Gita Technologies

Gita Technologies

Gita Technologies works to create integrated solutions to the thorniest problems in the field of intelligence and cyber today.

Global EPIC

Global EPIC

Global EPIC is an international cybersecurity initiative designed to combat growing world challenges by facilitating global collaboration in the field of cyber security.

Amnesty Tech

Amnesty Tech

Amnesty Tech's Security Lab leads technical investigations into cyber-attacks against civil society and provides critical support when individuals face such attacks.

Shorebreak Security

Shorebreak Security

Shorebreak Securioty specialize in conducting highly accurate, safe, and reliable Information Security tests to determine the risks posed to your business.

Netgo

Netgo

Netgo group meet the requirements of a complex, digitized world with IT consulting, IT solutions & services, managed & cloud services and software products & development.

AI Spera

AI Spera

AI-Driven Cyber Threat Intelligence Security. AI Spera provides real-time intelligence to empower your security competences in all aspects of the business.

Xobee Networks

Xobee Networks

Xobee Networks is a Managed Service Provider of innovative, cost-effective, and cutting-edge technology solutions in California.

Ermes

Ermes

Ermes – Intelligent Web Protection provides companies with a solution that effectively secures them against web threats.

Hexagon

Hexagon

Hexagon is a global leader in digital reality solutions. We are putting data to work to boost efficiency, productivity, quality and safety.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.

Standard Notes

Standard Notes

Standard Notes is a secure digital notes app that protects your notes and files with audited, industry-leading end-to-end encryption.