Any shortcomings by Colonial would be especially egregious given its critical role in the U.S. energy system, providing the East Coast with 45% of its gasoline, jet fuel and other petroleum products.
Smallwood, a partner at iMERGE and managing director of the Institute for Information Governance, said he prepared a 24-month, $1.3 million plan for Colonial. While iMERGE’s audit was not directly focused on cybersecurity, “we found many security issues, and that was put in the report.”
Colonial’s statements Wednesday suggest it may have heeded a number of Smallwood’s recommendations. In addition, it says it has active monitoring and overlapping threat-detection systems on its network and identified the ransomware attack “as soon as we learned of it.” Colonial said its IT network is strictly segregated from pipeline control systems, which were not affected by the ransomware.
EXPLAINER: What's next for pipelines after Colonial hack
CATHY BUSSEWITZ and ERIC TUCKER, Associated Press
May 13, 2021
A fuel tanker driver delivers a 9000 gallon load of fuel at the Sheetz in Raleigh, N.C., Thursday, May 13, 2021. Operators of the Colonial Pipeline say they began the process of moving fuel through the pipeline again on Wednesday, six days after it was shut down because of a cyberattack. (Travis Long/The News & Observer via AP)
Vehicles wait in lines at the Costco in Raleigh, N.C., Thursday, May 13, 2021. Operators of the Colonial Pipeline say they began the process of moving fuel through the pipeline again on Wednesday, six days after it was shut down because of a cyberattack. (Travis Long/The News & Observer via AP)
This post is a follow-up to our recent discussion of the cyberattack that took the 5,500-mile Colonial Pipeline offline last week and the growing threat ransomware poses to our nation’s energy system. On May 10, 2021, a group called DarkSide took responsibility for the ransomware and the FBI has since confirmed the group’s involvement. DarkSide indicated that the attack was financially, not politically, motivated. DarkSide, which allegedly has loose ties to the Russian government, has targeted several other companies recently, including other, smaller U.S. power companies.
By Justin Katz
May 12, 2021
Lawmakers and government officials are re-examining the Transportation Security Administration's place in regulating the cybersecurity of the country's natural gas pipelines in the wake of the ransomware attack on Colonial Pipeline's business systems. The office responsible for those policies is historically short-staffed and the agency has yet to address several issues brought up by government auditors in December 2018.
In this instance, Colonial Pipeline faced a crippling attack on its IT system, but the fallout from the event has regulators and lawmakers worried about how the U.S. is prepared to confront an assault on the industrial control systems that manage energy pipelines.