
Oil pipeline cyberattack exposes America’s multi-trillion dollar infrastructure security crisis

Last Friday, a cyberattack prompted the shutdown of the biggest piece of energy infrastructure in the United States, the Colonial Pipeline system that supplies almost half of the gasoline and diesel that the East Coast consumes.

The attack naturally led to higher gasoline prices and a run on gas as drivers worried about looming shortages while Colonial Pipeline Co. worked to restart the flow of fuels.

Yet the higher prices at the pump and a possible shortage of fuel supplies are the smaller problem. It is, after all, temporary, and its effect will be transient. But there is a bigger problem, and it concerns the energy infrastructure of the United States: exactly how secure is it?

As the attack suggests, not very. True, experts said early on that the group that carried out the attack was made up of seasoned hackers. Later, a ransomware group called DarkSide took responsibility for the attack, and the FBI also pointed at the group as the culprit.


Here's what DarkSide said in its statement: "We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for our motives. Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future."

The statement clearly seeks to address allegations made that Russia was behind the attack, but even the White House was careful not to point its finger at Moscow, with President Biden saying there was no evidence that it was involved in the attack. That deals with the geopolitical motive, but the statement also suggests that DarkSide and their partners will not stop, even if they did not mean to cause problems. And willingly or not, they are going to cause problems.

"Colonial may be at risk of confidential shipper (customer) data being leaked," says Vicki Knott, chief executive of CruxOCM, a provider of control room operations services for the oil and gas industry.

"Shipping toll information is public; however, depending on the contract structure Colonial has with its customers, there are likely nuances between customers with respect to guaranteed volumes to be moved and spot volume prices/movements. If leaked, it could result in a confidentiality breach and impact the competitive process between customers – which can further result in a major lawsuit from customers."

But lawsuits from companies paying Colonial Pipeline Co. to ship their fuel are the least of the problems that cyberattacks on energy infrastructure could cause. A major safety or environmental disaster is a much bigger reason to worry about such attacks if they targeted the control system of the pipeline, according to Knott.

That the attack was possible means that critical energy infrastructure is not very well protected against such breaches. And there's worse: security experts are talking about a ransomware pandemic.

"Honestly, I think for anyone who's been tracking ransomware closely, this really shouldn't be a surprise," according to Philip Reiner, chief executive of the Institute for Security and Technology, a nonprofit organization. "This is yet another example of what is really a ransomware pandemic that needs to be addressed at the highest level," he told The Verge following the Colonial Pipeline attack.

If there's talk about a pandemic, then things must be really serious: if ransomware attacks are so frequent, then it must be a miracle that disasters are not more frequent.

"The Colonial Pipeline cyber attack should be a wakeup call on Capitol Hill," a Tufts University professor told Forbes' David Blackmon. "We need to think holistically about security threats against America's energy infrastructure — and implement smart policies that will reduce security threats across the entire energy system," Rockford Weitz, director of the Fletcher Maritime Studies Program, said.


It should also be a wakeup call in company boardrooms, as DarkSide and its like target corporations and not governments. This wakeup call concerns the overall security of operations and data protection: issues that seem to be particularly serious in the energy industry.

"The Colonial Pipeline is yet another example of a ransomware attack on poorly protected corporate data, which has affected already exasperated issues within the energy sector," says Sam Agyemang, co-founder of HaulerHub, a smart logistics platform for shippers and haulers. "As more and more American companies realize this is a threat that is not going away on its own, by updating systems and putting employee data in the hands of employees to manage this can greatly reduce the impact of cyber warfare."

It seems, then, that the American energy infrastructure has some serious problems to solve. These problems just became a lot more urgent after the Colonial Pipeline outage, but this doesn't mean they will get a quick solution. Security is a tricky business, and hackers are usually a step ahead, which makes it even trickier. 

According to cybersecurity tech firm Cybereason, DarkSide just released a new version of their ransomware.

This article was originally published on Oilprice.com
