Saturday, May 8, 2021

Cyberattack prompts major pipeline operator to halt operations

 


A cyberattack has prompted a company that operates a major energy pipeline in the U.S. to shut down operations.

colonial-pipeline.jpg© AP Photo/Brynn Anderson, File colonial-pipeline.jpg

The Colonial Pipeline Company said in a statement it learned on Friday that it was the victim of a cybersecurity attack, and so "proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems." 

In an updated statement on Saturday afternoon it said it had "determined that this incident involves ransomware."

The breach appears to be an attack on the nation's critical energy infrastructure. In most ransomware attacks, criminal hackers seize data and demand a large payment to release it, although it's unclear what was taken or whether any demands were made.

The company describes its pipeline as "the largest refined products pipeline in the United States," and says it transports more than 100 million gallons of fuel through a pipeline system spanning 5,500 miles between Texas and New Jersey.  

"Upon learning of the issue, a leading, third-party cybersecurity firm was engaged, and they have already launched an investigation into the nature and scope of this incident, which is ongoing," the company said in its statement. "We have contacted law enforcement and other federal agencies."

It said it is taking steps to understand and resolve the issue and its primary focus is the safe and efficient restoration of service "and our efforts to return to normal operation."

In this Sept. 20, 2016 photo vehicles are seen near Colonial Pipeline in Helena, Alabama. The major pipeline that transports fuels along the East Coast says it had to stop operations because it was the victim of a cyberattack.  / Credit: AP Photo/Brynn Anderson© Provided by CBS News In this Sept. 20, 2016 photo vehicles are seen near Colonial Pipeline in Helena, Alabama. The major pipeline that transports fuels along the East Coast says it had to stop operations because it was the victim of a cyberattack.  / Credit: AP Photo/Brynn Anderson

It's unclear who is behind the attack. Details of the incident are unclear. 

The FBI leads investigations on cyberattack incidents, but infrastructure such as the pipeline is the responsibility of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. The FBI and CISA have not yet returned requests for comment.

DHS Secretary Alejandro Mayorkas called ransomware "an existential threat to one's business" this week, saying that more than $350 million in victim funds were paid in 2020 as the rate of ransomware attacks increased by 300% within the United States.

Meanwhile, the House Homeland Security Committee dedicated an entire hearing to ransomware last week. Representative Yvette Clark announced that she will soon introduce the "State and Local Cybersecurity Improvement Act," which would authorize $500 million in cyber grants to state, local, territorial and tribal governments to strengthen cybersecurity and prevent ransomware attacks.

The attack on Colonial Pipeline also comes after the Biden administration issued a wide range of sanctions against Russia last month in retaliation for recent incursions including the SolarWinds cyber espionage campaign. The SolarWinds intrusion that initially gave cyber criminals access to 18,000 government and private computer networks, though a much smaller number were the actual targets of espionage, according to CISA.

Current Time 3:37
Duration 8:37
Loaded52.50%
0
Push for more cybersecurity funding in infrastructure plan

Cybersecurity experts have recently called on the Biden administration and Congress to shore up the nation's digital infrastructure.

"It's clear that we're in the midst of a new normal of cyber enabled malicious activity. The status quo costs American businesses and government agencies hundreds of billions of dollars a year in lost productivity, fraud, and disrupted operations," former CISA director Christopher Krebs and former senior cybersecurity adviser at CISA Matthew Masterson said in an April op-ed in The Hill. "Congress needs to pass a comprehensive digital infrastructure investment bill that authorizes and funds grants to state and local agencies to modernize their technology platforms and obtain the support they need to manage those systems, and safeguard against cyber attacks like ransomware."

No comments: