Pipeline Shutdown Shows Need for Tougher Cybersecurity Laws

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

The six-day shutdown of a key 5,550-mile fuel pipeline earlier this month as a result of a malware attack proved a case study of everything that can go wrong when the private sector, which regulates critical sections of American infrastructure, fails to prioritize cybersecurity and the government lacks the resources to properly deter cyberattacks and manage the fallout. 

Colonial Pipeline’s response to a recent hacker attack was fast and comprehensive. The private company turned off the supply of nearly half of the East Coast’s oil, diesel, and jet fuel, which had never been done before. Long lines formed at gas stations from Washington, D.C., to Florida as a result of a combination of fuel shortages and panic buying. Stopovers were added to US air travel routes to enable planes to refuel in central and northern states. 

Colonial Pipeline was the victim of a ransomware attack by a group of Eastern European cyber bandits known as DarkSide, which extorted $4.4 million from the company as it rushed to reclaim control of its information management infrastructure and ensure the hackers had not breached the pipeline’s operating system. The pipeline was eventually brought back online, and DarkSide discontinued operations However, the most serious harm had already been done: The incident demonstrated how simple it was to put a large portion of American infrastructure to a halt with a cyberattack that was as sophisticated as a pickpocketing.