The Colonial Pipeline attack was a wake-up call for consumers and government agencies who realize that our country’s infrastructure is at extreme risk of takedown at any moment.
What is Happening?
On the heels of the Colonial Pipeline attack, the U.S. Department of Homeland Security is busy crafting cybersecurity regulations that affect the oil and gas industry.
After the ransomware attack, Colonial Pipeline had to shut down for a week to fix the problem before resuming operations. During those few days, panic spread about oil shortages, and fuel prices spiked. Government regulators understand the need for better security to prevent these occurrences in the future.
First reported by the Washington Post, Data Breach Today reiterates that
“The pending regulations also will require companies to have an executive who is responsible for cybersecurity and has a direct line to the TSA and the Cybersecurity and Infrastructure Security Agency to report an incident, the Post reports. Gas and oil firms will also be required to conduct security assessments.
The first of these new regulations is expected to be issued later this week, according to the newspaper. These will be followed in the coming weeks by other new mandatory cybersecurity requirements for oil and gas companies.”
What Does the Department of Homeland Security Say?
According to The Washington Post a spokesperson told Information Security Media Group,
“The Biden administration is taking further action to better secure our nation’s critical infrastructure. TSA, in close collaboration with CISA, is coordinating with companies in the pipeline sector to ensure they are taking all necessary steps to increase their resilience to cyber threats and secure their systems. We will release additional details in the days ahead.”
Threat experts say these regulations are a good “first step,” but more is needed. To protect our infrastructure and those services that consumers depend on to sustain life, a more proactive approach is necessary.
Highlights of the Colonial Pipeline Attack
The Colonial Pipeline attack was a surprise to everyone. Many hacker gangs have vowed not to interfere with infrastructure-based companies. However, Colonial has deep pockets, which made them an excellent target.
As a result of the attack, Colonial Pipeline had to shut down 5,500 miles of the pipeline until they could restore their systems. The result was fuel shortages along the East Coast and a spike in prices.
Colonial Pipeline paid hackers a ransom of $4.4 million for a decryption key, but it turned out to be false and did not work. The DarkSide ransomware gang is responsible for the attack. Shortly after, the group announced they were shutting down its ransomware-as-a-service operations due to their servers having seized their and cryptocurrency accounts being drained. Furthermore, The DarkSide ransomware gang has also been responsible for other attacks where very recently they made over $90 million from their ransomware attack campaign.
This incident served as an example of how much the power generation industry is far behind in terms of cybersecurity precautions, thus the need for new regulations.
Data Breach Today quotes an executive from Coalfire,
“These organizations over the years have slowly blended their corporate and operational technology networks, creating a nasty opportunity for bad things to occur, as we have seen in the Colonial Pipeline incident.”
After 911, the U.S. government formed the TSA, tasked with keeping America safe. The TSA has been criticized since 2018 by the Government Accountability Office for its lack of preparation against these types of attacks. In its report, the GAO said,
“Given that many pipelines transport volatile, flammable, or toxic oil and liquids, and given the potential consequences of a successful physical or cyberattack on life, property, the economy and the environment, pipeline systems are attractive targets for terrorists, hackers, foreign nations, criminal groups, and others with malicious intent.”
This latest attack has shed new light on the issue and fueled decisive action by government officials. Along with President Biden’s cybersecurity plans, these new regulations will dovetail into the overall goal of securing our nation better against these now common ransomware threats.