There’s nothing in this article indicating the operator has a recovery plan in place involving restoring backups to get these systems online. Seems grossly negligent on their behalf, and made almost satiric by the fact that FireEye can be mentioned without reference to their own massive security lapses.<p>Too much focus always on the “hackers” and never the obvious security lapses solved by diverting executive pay to more bodies and training to cover them, but oh well right?
In a twisted sort of way I am happy to see these types of ransomware attacks making headlines. Before it was much harder to quantify how much a breach might cost but with ransomware you get a fuzzy lower bound. Also the prevalence of these attacks might actually make us all safer in the long run.
Let's see if 15+ years of security people getting after critical infrastructure asset owners like this has made any difference. At least they detected something and shut it down to control the response. They also know the costs to repair and replace things. I don't suspect the pipeline uses a federation of heterogeneous systems to operate its SCADA actuators, so I would speculate it is likely a single firmware vulnerability facilitating it.<p>The global chip shortage for replacement parts if they are needed seems like a strategic coincidence. Definitely an evolving story.
I hope this ransomware called itself the Da Vinci virus? Because this sounds a whole lot like the plot of Hackers [1].<p>The greatest movie of all time, btw.<p>[1] <a href="https://en.wikipedia.org/wiki/Hackers_(film)" rel="nofollow">https://en.wikipedia.org/wiki/Hackers_(film)</a>
Connecting infrastructure to the internet is something that is done for many reasons. It would be a vast improvement of security if most of those connections went through a data diode[1] and only allowed monitoring.<p>Knowing what is happening now with critical infrastructure, through the internet, can be done in a completely safe manner. It is a solved problem.<p>[1] - <a href="https://en.wikipedia.org/wiki/Unidirectional_network" rel="nofollow">https://en.wikipedia.org/wiki/Unidirectional_network</a>
It's only a matter of time, there's gonna be physical casualties at some point in time. We've all seen it in the movies. Experts have warned of the dangers of tethering vital utilities controls to the internet.<p>Is it not possible to develop a protocol or device that operates outside of the web but functions like the 'two-man' rule used to launch nuclear bombs?
A few years back we had two different instances of this pipeline getting shut down from newly-found leaks. While they say it won’t cause gas shortages, these articles tend to drive people to the pumps in droves in the southeastern states served by it (like mine, NC!).
So, two possible responses by the government to the current increase in these kinds of attacks:<p>1) blame the lack of computer security in our infrastructure, and work on improving that<p>2) blame cybercurrencies, and try to eliminate them<p>Any bets on which one our government will choose?
Given Government inaction on climate change, could we begin to see motivated individuals or groups taking matters into their own hands and targeting fossil fuel infrastructure in this manner?
I wonder if this has anything to do with the Colonial gas pipeline leak? It's been a problem for over 8 months now. Was in the news recently again. Over a million gallons spilled, but they don't really know how much.<p><a href="https://www.msn.com/en-us/news/us/eight-months-later-colonial-pipeline-spill-continuing-to-impact-huntersville-residents/ar-BB1fPAL6" rel="nofollow">https://www.msn.com/en-us/news/us/eight-months-later-colonia...</a>
After reading "This Is How They Tell Me the World Ends" [1], I feel the world working normally is rather sheer luck. (Probably I'm very late to realize this, but anyway)<p>To me the only reasonable survival strategy is redundancy, but I have no idea how we can reach there.<p>[1] <a href="https://www.amazon.com/This-They-Tell-World-Ends/dp/1635576059" rel="nofollow">https://www.amazon.com/This-They-Tell-World-Ends/dp/16355760...</a>
Seems like this company has more than just IT problems
<a href="https://newrepublic.com/article/161498/huntersville-north-carolina-colonial-pipeline-spill" rel="nofollow">https://newrepublic.com/article/161498/huntersville-north-ca...</a>
We need to have military responses to these attacks. Ransomware is running rampant because they don't fear any punishment for attacks. If people attacked our hospitals and pipelines with explosives we wouldn't sit by and do nothing.
It's hilarious to me that a country that invests so much in their military doesn't seem to invest in the security of their infrastructure at all.<p>The entire war machine will grind to a halt without oil. It would be one of the first things to attack.
hmmm...might be time for me to develop a side-expertise in cybersecurity...always kinda scoffed at those electives before, but now I see that there are literal lives at stake if our nation doesn't have excellent talent working in fields like cybersecurity for national defense.
<i>"This is as close as you can get to the jugular of infrastructure in the United States," said Amy Myers Jaffe, research professor and managing director of the Climate Policy Lab. "It's not a major pipeline. It's the pipeline."</i><p>About that infrastructure security... this forum has gone over in detail the situation of infrastructure security in quite a bit of detail as other stuff has happened.<p>It's easy to say "you need to isolate your critical network from your office network" but that costs dollars and time and letting things fall to shit is free 'till the time comes and then other people pay the price rather than you.<p><i>The privately held, Georgia-based company is owned by CDPQ Colonial Partners L.P., IFM (US) Colonial Pipeline 2 LLC, KKR-Keats Pipeline Investors L.P., Koch Capital Investments Company LLC and Shell Midstream Operating LLC.</i><p>All the best names of neoliberalism!
I'm surprised we don't see more attacks on pipelines - both digital and physical. There are many folks out there who take issue with them or see them as a vulnerable part of our infrastructure.
Url changed from <a href="https://www.bloomberg.com/news/articles/2021-05-08/u-s-s-biggest-gasoline-and-pipeline-halted-after-cyberattack" rel="nofollow">https://www.bloomberg.com/news/articles/2021-05-08/u-s-s-big...</a>, which points to this.