Riverside

After cyberattack, US pipeline company halts some operations – Riverside, California

Riverside, California 2021-05-08 17:44:59 –

The company said it had hired an external cybersecurity company to investigate the nature and scope of the attack and also contacted law enforcement agencies.

Operator of a major pipeline system that transports fuel Cross the east coast Saturday said it was sacrificed Ransomware attack Was stopped All pipeline operations to deal with threats.. Experts say it is unlikely to affect gasoline supply and prices unless the attack leads to a long-term outage of the pipeline.

The colonial pipeline did not say what was requested or who requested it. Ransomware attack It is usually performed by criminal hackers who seize data and demand large payments to publish the data.

The attack on the company, which supplies about 45% of the fuel consumed on the East Coast, re-emphasizes critical infrastructure vulnerabilities that damage cyberattacks that could disrupt operations. This presents new challenges for governments that continue to respond to large-scale hacks from months ago, such as large-scale breach of government agencies and businesses. U.S. licensed Russia last month.

In this case, the colonial pipeline shut down the pipeline as Friday’s ransomware attack affected some information technology systems, and the company “aggressively” moved to take certain systems offline. Said. A previous statement stated that “we are taking steps to understand and resolve this issue” with a view to returning to normal operation.

Based in Alpharetta, Georgia, the company transports gasoline, diesel, jet fuel and household kerosene from its Gulf refineries through a pipeline from Texas to New Jersey. Its pipeline system spans more than 5,500 miles and transports more than 100 million gallons a day.

The White House said President Joe Biden was briefed Saturday morning and the federal government is working with the company to assess the impact of the attack, restore operations and avoid supply disruptions. The government is planning various scenarios and is working with state and local governments on measures to mitigate potential supply problems.

Private cybersecurity firm FireEye said it was hired to manage an incident response investigation.

Relation: Report: Georgia-based operators were forced to shut down major pipelines after a cyberattack

Oil analyst Andy Lipou said the impact of the attack on fuel supply and prices depends on how long the pipeline is down. A one- or two-day outage is minimal, but a five- or six-day outage can cause shortages and price increases, especially in areas extending from central Alabama to the Washington, DC region, he said. ..

Lipou said the main concern about long-term delays was the supply of jet fuel needed to keep major airports operating, such as Atlanta and Charlotte, North Carolina.

Robert Lee, CEO of Dragos, a leader in industrial control systems, said systems such as those that directly manage pipeline operations have become increasingly connected to computer networks over the last decade. It was.

However, key infrastructure companies in the energy and power industries also tend to invest more in cybersecurity than in other sectors. If colonial shutdowns are mostly preventative, early detection of ransomware attacks, and well-prepared, the impact may not be significant, Lee said.

Despite long-standing concerns that US adversaries could confuse US energy suppliers, ransomware attacks by criminal gangs are much more common and have surged recently. The Justice Department has a new task force to combat ransomware attacks.

The attack “emphasizes the threat ransomware poses to organizations of all sizes and sectors,” said Eric Goldstein, executive assistant director of cybersecurity at the Federal Cybersecurity Infrastructure and Security Agency. Stated.

“We encourage all organizations to take action to strengthen their cybersecurity regimes and reduce their exposure to these types of threats,” Goldstein said in a statement.

Ransomware encrypts and scrambles the victim’s organization’s data. The criminal leaves instructions on the infected computer on how to negotiate the ransom payment and provides the software decryption key when the payment is complete.

Mainly attacks Criminal organization operating in Russia And other safe shelters reached prevalent rates last year, costing hospitals, medical researchers, private businesses, state and local governments, and schools tens of billions of dollars. Biden administration officials have warned of national security threats, especially after criminals have begun stealing data before scrambling victims’ networks and will publish it online unless ransom is paid. ..

The average ransom paid in the United States almost tripled last year to more than $ 310,000. The average downtime for victims of ransomware attacks is 21 days. Solid cove wear, Helps to deal with victims.

US law enforcement officials say some of these criminals are working with Russian security agencies and the Kremlin is benefiting from damaging the enemy’s economy. These operations may also provide coverage for intelligence gathering.

“Ransomware is the most common catastrophic event that organizations are seeing today and shuts them down to prevent their spread,” said Dave White, president of cybersecurity firm Axio.

Mike Chapple, a professor of IT, analysis and operations at the University of Notre Dame’s Mendoza Business College and a former computer scientist at the National Security Agency, said that systems that control pipelines must not be connected to the Internet. He said it should be vulnerable to cyber intrusion.

“The attack was so sophisticated that it could either defeat a fairly high degree of security control or did not have adequate security control in place,” says Chapple.

Brian Bethoon, a professor of applied economics at Boston University, also said the impact on consumer prices should be short-lived unless the shutdown lasts for more than a week or two. “But it shows how vulnerable our infrastructure is to this type of cyberattack,” he said.

Mr Bethoon said the shutdown was occurring at a time when pandemic regulations were lifted, the economy resumed further, and energy prices were already rising. According to the AAA Automobile Club, the national average of 1 gallon of regular gasoline rose 4 cents from Monday to $ 2.94.

Anne Neuberger, National Security Adviser for the Biden administration’s cybersecurity and emerging technologies, said in an interview with the Associated Press in April that the government could potentially damage power companies, water districts and other important industries. He said he is working on new initiatives to protect against the cyberattacks he gives. .. She said the goal is to ensure that control systems that serve more than 50,000 Americans have the core technology to detect and block malicious cyber activity. ..

Since then, the White House has aimed to protect the country’s power system from cyberattacks by improving the ability of power plant and utility owners and operators to identify cyber threats to their networks. Announced daily initiatives. It contains specific milestones that enable you to use technology to detect and respond to intrusions in real time.

Suderman reported from Richmond, Virginia. Frank Bajak of Boston and Martin Kurt Singer and Michael Balsamo of Washington contributed to this report.

After cyberattack, US pipeline company halts some operations Source link After cyberattack, US pipeline company halts some operations

Back to top button