May 19, 2022


Just another WordPress site

The Colonial Pipeline Hack Is a New Extreme for Ransomware 

For years, the cybersecurity industry has warned that state-sponsored hackers could shut down large swathes of US energy infrastructure in a geopolitically motivated act of cyberwar. But now apparently profit-focused cybercriminal hackers have inflicted a disruption that military and intelligence agency hackers have never dared to, shutting down a pipeline that carries nearly half the fuel consumed on the East Coast of the United States.

On Saturday, the Colonial Pipeline company, which operates a pipeline that carries gasoline, diesel fuel, and natural gas along a 5,500 mile path from Texas to New Jersey, released a statement confirming reports that ransomware hackers had hit its network. In response, Colonial Pipeline says it shut down parts of the pipeline’s operation in an attempt to contain the threat. The incident represents one of the largest disruptions of American critical infrastructure by hackers in history. It also provides yet another demonstration of how severe the global epidemic of ransomware has become.

helpful hints
helpful resources
helpful site
her comment is here
her explanation
her latest blog
her response
here are the findings
his comment is here
his explanation
his response
home page
hop over to here
hop over to these guys
hop over to this site
hop over to this web-site
hop over to this website
how much is yours worth?
how you can help
i loved this
i thought about this
i was reading this
image source
in the know
informative post
investigate this sitekiller deal
knowing it
learn here
learn more
learn more here
learn the facts here now
learn this here now
like it
like this
linked here
listen to this podcast
look at here
look at here now
look at more info
look at these guys
look at this
look at this now
look at this site
look at this web-site
look at this website
look here
look these up
look what i found
love it
lowest price
made a post
made my day
more about the author
more bonuses
more help
more helpful hints
more hints
more info
more info here
more information
more tips here
moved here
my company
my explanation
my latest blog post
my response
my review here
my sources

“This is the largest impact on the energy system in the United States we’ve seen from a cyberattack, full stop,” says Rob Lee, CEO of the critical-infrastructure-focused security firm Dragos. Aside from the financial impact on Colonial Pipeline or the many providers and customers of the fuel it transports, Lee points out that around 40 percent of US electricity in 2020 was produced by burning natural gas, more than any other source. That means, he argues, that the threat of cyberattacks on a pipeline presents a significant threat to the civilian power grid. “You have a real ability to impact the electric system in a broad way by cutting the supply of natural gas. This is a big deal,” he adds. “I think Congress is going to have questions. A provider got hit with ransomware from a criminal act, this wasn’t even a state-sponsored attack, and it impacted the system in this way?”

Colonial Pipeline’s short public statement says that it has “launched an investigation into the nature and scope of this incident, which is ongoing.” Reuters reports that incident responders from security firm FireEye are assisting the company, and that investigators suspect that a ransomware group known as Darkside may be responsible. According to a report by the security firm Cybereason, Darkside has compromised more than 40 victim organizations and demanded between $200,000 and $2 million in ransom from them.

The Colonial Pipeline shutdown comes in the midst of an escalating ransomware epidemic: Hackers have digitally crippled and extorted hospitals, hacked law enforcement databases and threatened to publicly out police informants, and paralyzed municipal systems in Baltimore and Atlanta.

The majority of ransomware victims never publicize their attacks. But Lee says his firm has seen a significant uptick in ransomware operations targeting industrial control systems and critical infrastructure, as profit-focused hackers seek the most sensitive and high-value targets to hold at risk. “The criminals are starting to think about targeting industrial, and in the last seven or eight months we’ve been seeing a spike in cases,” says Lee. “I think we will see a lot more.”

In fact, ransomware operators have increasingly had industrial victims in their sights in recent years. Hydro Norsk, Hexion, and Momentive were all hit with ransomware in 2019, and security researchers last year discovered Ekans, the first ransomware apparently custom-designed to cripple industrial control systems. Even targeting a gas pipeline operator isn’t entirely unprecedented: In late 2019, hackers planted ransomware on the networks of an unnamed US natural gas pipeline company, the Cybersecurity and Infrastructure Security Agency warned in early 2020—though not one of the size of Colonial Pipeline’s.

In that earlier pipeline ransomware attack, CISA warned that the hackers had gained access to both the IT systems and the “operational technology” systems of the targeted pipeline firm—the computer network responsible for controlling physical equipment. In the Colonial Pipeline case, it’s not yet clear if the hackers bridged that gap to systems that could have actually allowed them to meddle with the physical state of the pipeline or create potentially dangerous physical conditions. Merely gaining broad access to the IT network could be cause enough for the company to shut down the pipeline’s operation as a safety precaution, says Joe Slowik, a threat intelligence researcher for security firm Gigamon who formerly led the Computer Security and Incident Response Team at the US Department of Energy. “The operator did the right thing in this case as a response to events,” Slowik says. “Once you can no longer assure positive control over the environment and clear visibility into operations, then you need to shut it down.”