Critical Pipeline Network Shut Down By Hackers

Uploaded on 2021-05-11 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Production-Utilities

A critical oil pipeline  which supplies 45 percent of the east coast fuel supply has shut-down all pipeline operations after being hacked. Colonial Pipeline has said that it was the victim of “a cybersecurity attack.... In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT system."

Colonial’s network supplies fuel from US refiners on the Gulf Coast to the populous eastern and southern United States. The company transports 2.5 million barrels per day of gasoline, diesel, jet fuel and other refined products through 8,850km (5,500 miles) of pipelines.

This attack appears to have compromised systems that control pipeline infrastructure indicates that either the attack was extremely sophisticated or the systems were not well secured. “This pipeline shutdown sends the message that core elements of our national infrastructure continue to be vulnerable to cyber attack,” Prof. Mike Chapple, security expert and former computer scientist with the US National Security Agency told the Reuters news agency.

In its statement, the company said it had hired a private security firm to investigate the hack and contacted law enforcement and US federal authorities. “At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway,” it said.

The US Has Suffered Two Major Cyber Security Breaches.

  • The disastrous SolarWinds hack has compromised thousands of US government and private-sector computer networks and was officially blamed on Russia;
  • A widespread cyber attack focused on Microsoft email servers is believed to have affected at least 30,000 US organisations including local governments and was attributed to an aggressive Chinese cyber-espionage campaign.

Both these attacks appeared to be aimed at stealing emails and data but they also create effective ways that can be used to attack the physical infrastructure, however as more details emerge there are a concerns that this may be an extreme criminal attack to extract ransom.

Update:  The  Colonial Pipeline hack has enterd its third day following a ransomware attack on Friday, forcing it to shut down all pipeline operations, although some parts of the network are resuming reduced operationsIf the  pipeline can be restored by Wednesday, it is understood there will be to no long-term impact of the ransomware attack, however, If the shutdown continues, southern states will be the first to experience higher gasoline prices. 

The FBI has blamed the attack on a Russian criminal group, 'DarkSide', thought to have been responsible for attacks on more than 80 companies across the US and Europe to date. DarkSide claims that they do not attack medical, educational or government targets and that they donate a portion of the money they extort to charity. 

FBI:     ABC:      Bloomberg:     Reuters:       ColPipe:      Al Jazeera:     Wired:       Independent

You Might Also Read:

US Sanctions Russia In Retaliation For Cyber Attacks:

 

« Apple Hammered By EU
Covid-19 Has Launched A Pandemic Of Cyber Crime »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Reed Smith LLP

Reed Smith LLP

Reed Smith LLP is an international law firm with offices in the USA, Europe, Middle East and Asia. Practice areas include Information Technology, Privacy & Data Security.

FireMon

FireMon

FireMon is the only agile network security policy platform for firewalls and cloud security groups providing the fastest way to streamline network security policy management.

Equilibrium Security Services

Equilibrium Security Services

Equilibrium Security Services is a specialist cyber security company providing a full spectrum of IT security solutions from consultancy to design & implementation and managed security services.

ecsec

ecsec

ecsec is a specialized vendor of security solutions including information security management, smart card technology, identity management, cloud computing and electronic signature technology.

GovCERT Austria

GovCERT Austria

GovCERT Austria is the Austrian Government Computer Emergency Response Team. Its constituency consists of Austria's public administration.

Alsid

Alsid

Alsid helps corporates to anticipate attacks by detecting breaches before hackers can exploit them.

HCC Embedded

HCC Embedded

HCC’s mission is to ensure that data stored or communicated by an embedded IoT application is secure, safe and reliable.

NodeSource

NodeSource

NodeSource helps organizations run production-ready Node.js applications with greater visibility into resource usage and enhanced awareness around application performance and security.

NetApp Excellerator

NetApp Excellerator

NetApp Excellerator is NetApp’s global start-up program that aims to fuel innovation by partnering with deep-tech start-ups.

A&O IT Group

A&O IT Group

A&O IT Group provide IT support and services including IT Managed Services, IT Project Services, IT Engineer Services and Cyber Security.

Suridata

Suridata

Suridata’s SaaS Security platform enables organizations to secure the use of SaaS applications.

Xalient

Xalient

Xalient is an IT consulting and managed services business, specialising in modern, software-defined networking, security and communications technologies.

Encova Insurance

Encova Insurance

Encova’s cyber liability coverage protects you and your customers in case of a security breach in your company's data.

Centroid

Centroid

Centroid is a cloud services and technology company that provides Oracle enterprise workload consulting and managed services across Oracle, Azure, Amazon, Google, and private cloud.

ABM Technology Group

ABM Technology Group

ABM Technology Group (formerly True IT) provide business information technology services, solutions, and consulting for small to mid-sized organizations.

MARS Suite

MARS Suite

MARS Suite is your all-in-one solution for cyber protection & compliance. Cybersecurity and risk management is what we do best. And we’re making it simple and easy.