Why the Colonial Pipeline cyber attack signals a bigger national security problem for the US
Americans in several states across the southeast region of the United States are beginning to feel the effects of the Colonial Pipeline cyber attack.
Long lines gas stations and rising prices are becoming more prevalent due to fuel shortages across multiple states, but the cyberattack signals a far bigger national security problem the U.S. needs to combat. According to The Washington Post, Colonial Pipeline is responsible for 45% of the fuel being transported to states along the East Coast.
Tiffany Wright, a spokesperson for AAA in the Carolinas, has noted that while the word "shortage" has led to a bit of a panic, it is still rather early to determine the extent of problems the cyberattack could cause.
"People hear something and panic," Wright told the Asheville Citizen-Times. "We're not seeing shortages or bagged pumps. It's still early, but what I will say is that we do have ample supply even though the Colonial Pipeline is responsible for 45% of the fuel going to the East Coast."
Although "shortages" and "bagged pumps" are at the center of most Americans' concerns, the bigger issue centers on the vulnerabilities of the United States' critical infrastructures and the threat that fragility poses.
The attack on the company, which says it delivers roughly 45 percent of fuel consumed on the East Coast, underscores again the vulnerabilities of critical infrastructure to damaging cyberattacks that threaten to impede operations. It presents a new challenge for an administration still dealing with its response to major hacks from months ago, including a massive breach of government agencies and corporations for which the U.S. sanctioned Russia last month.
Most cyberattacks are usually the result of a syndicate of criminal hackers paralyzing network systems by scrambling data. To recover the network, hackers typically require some form of ransom, thwarting day-to-day opportunities in the meantime.
According to Colonial Pipeline, last week's cyberattack did impact "some of its information technology systems and that the company moved 'proactively' to take certain systems offline, halting pipeline operations."
While Colonial Pipeline has remained mum about the hackers' demands, cybersecurity experts are sounding off about a bigger issue illustrated by the attack. Dave White, president of the Axio cybersecurity firm expressed concern about the threat of ransomware.
"Ransomware is the most common disruptive event that organizations are seeing right now that would cause them to shut down to prevent the spread," White said.
Mike Chapple, an IT, analytics and operations professor at the University of Notre Dame's Mendoza College of Business, believes the latest cyberattacks were the result of one of two things: either highly sophisticated hackers with unprecedented knowledge of security controls or proper security barriers were not incorproated.
"The attacks were extremely sophisticated and they were able to defeat some pretty sophisticated security controls, or the right degree of security controls weren't in place," Chapple said.
According to Eric Goldstein, executive assistant director at the federal Cybersecurity Infrastructure and Security Agency's cybersecurity division, the latest cyber blitz "underscores the threat that ransomware poses to organizations regardless of size or sector."
Goldstein also issued a warning to organizations in hopes that they will take precautionary actions to diminish the possibility of future attacks. "We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats," he said.
- Major US pipeline shut by ransomware attack - Alternet.org ›
- Here's what's known and unknown about the hack at Colonial Pipeline ›
- Why Congress and the White House aren't treating the Colonial Pipeline security breach seriously enough - Alternet.org ›
- Colonial Pipeline hackers claim they disbanded amid 'pressure' from US -- but experts aren't buying it - Alternet.org ›
- The Colonial Pipeline ransomware hackers had a secret weapon - Alternet.org ›