Because it is privately held, Colonial is under less pressure than a publicly traded company can disclose details. But as the custodian of a major part of a nation’s network infrastructure, the company is bound to be subject to scrutiny for the quality of its safeguards and its transparency of how it responds. with the attack.
People familiar with the investigation said although Colonial insisted they were aware of the attack on Friday, but the events appeared to have unfolded for several days. It hired private cybersecurity firm FireEye, which responded to the Sony Pictures Entertainment hack, the Middle East energy facility breach, and numerous federal government-related events.
Reducing pipeline performance to protect against a broader, more damaging intrusion is quite standard practice. But in this case, the question arises as to whether the attackers have the ability to directly turn on or off the pipes or perform operations that could cause an accident.
The ransomware attack is the second known such attack against a pipe operator. Last year, the Infrastructure and Cyber Security Agency reported a ransomware attack against a compressed natural gas facility belonging to a pipeline operator. That caused the facility to close for two days, even though the company never revealed the company name.
Cyber security experts say the proliferation of automated attack tools and cryptocurrency ransom payments, making it harder to track down the culprit, have exacerbated the attacks. so.
“We have seen ransomware start to attack soft targets like hospitals and cities,” said Ulf Lindqvist, director of SRI International, who specializes in threats to industrial systems. Loss of access has real-world consequences and makes the victim more likely to pay. “We’re talking about the risk of injury or death, not just losing your email.”
Colonial Pipeline, headquartered in Alpharetta, Ga., Is owned by a number of US and foreign investment companies and companies, including Koch Industries and Royal Dutch Shell. This pipeline connects Houston with the Port of New York and New Jersey, and also supplies jet fuel to major airports, including those in Atlanta and the Washington, DC area.