
Cyber-warfare or blackmail hit the Colonial Pipeline, which carries about 50% of refined petroleum products from the Gulf of Mexico to the Northeast, prompting fears of shortages and spiraling prices. Hacked by a cyber-criminal syndicate called DarkSide from Ukraine, Russia, Kazakhstan or parts unknown, the malware attack shows the vulnerability of cyber-security systems used in the U.S. by the world’s biggest companies. It wasn’t that long ago that alleged Russian hackers inserted code into the SolarWinds network management program used by the Pentagon and other government agencies, causing a major security breach. While 78-year-old President Joe Biden blamed Russian President Vladimir Putin, no one has blamed SolarWinds for selling a program to the government without adequate cyber-security. There’s no excuse for the Colonial Pipeline hack.

When it comes to key infrastructure like the electrical grid or fuel supplies, multi-billion dollar companies have no excuse claiming their systems were penetrated by foreign actors. “Our goal is to make money, and not creating problems for society,” said a statement from DarkSide, translated into English from foreign actors, most likely from Eastern Europe. Using ransomware or malware is the oldest trick in the book for cyber criminals looking to disrupt operations or blackmail companies and governments for cash. Caught flatfooted and embarrassed, Colonial Pipeline said they’re working furiously on returning service at the earliest possible time to avoid panic buying and price hikes already hitting gas pumps from Houston to the Northeast. Companies that provide essential infrastructure products and services must use the most sophisticated, effective cyber-security software.

When you consider that gasoline, diesel and jet fuel supplies could be disrupted along the entire East Coast corridor, it’s outrageous that Colonial Pipeline used cyber-vulnerable software to run its operations. Whatever cyber-criminals lurk in the far-flung parts of the globe, top U.S. cyber-security companies are several steps ahead of the criminals. Cyber-criminals looking to blackmail companies or governments have become today’s computer-age Somali pirates, once capable of commandeering oil tankers and freighters to demand hefty ransoms for cargoes and personnel. Without lifting a Kalashnikov, today’s cyber-pirates are even more dangerous, considering how much they can disrupt life as we know it in the civilized world. No one knows if Colonial Pipeline has been contacted by DarkSide to pay a ransom to have service restored. No company should give in to cyber-terrorism.

Colonial Pipeline runs a 5,500-mile [8,850 km] pipeline from Houston to the Northeast, supplying about 50% of refined products to trains, planes and automobiles. Colonial claims it restarted some smaller pipelines between fuel terminals and consumer delivery points, but the main pipeline remains shut down due to software malfunction. “While this situation remains fluid and continues to evolve, the Colonial operations team is executing a plan that involves an incremental process that will facilitate a return to service in a phased approach,” said Colonial. Returning to a phased delivery indicates that Colonial software engineers don’t have an answer for the current malware that shut down the system. Using alternative delivery pathways like ship, train or truck tankers doesn’t solve the pipeline debacle. South, Mid-Atlantic and Northeast delivery points have already seen shortages and price hikes.

Responding to the crisis, the Department of Transportation, run by 39-year-old Secretary Pete Buttigieg, announced it would loosen restrictions to make train- and truck-based transportation more accessible. Colonial’s system moves about 2.5 million barrels a day of gasoline, diesel and jet fuel, something difficult to make up with conventional transportation systems. Colonial hopes to resolve the ransomware problems before disruptions to the supply chain prevent Atlanta’s Hartsfield Airport—the nation’s busiest terminal—from receiving adequate jet fuel supplies. But apart from using alternative pipelines like Kinder Morgan Inc.’s 72,000-barrel-per-day pipeline, Colonial must go back to the drawing board to figure out what happened to its software. Whatever DarkSide’s demands for cash, Colonial must spend whatever it takes to upgrade its cyber-security software running the pipeline.

Today’s new cyber-pirates aren’t going to disappear anytime soon, requiring U.S. and foreign software programs to use more sophisticated cyber-security programs. There’s simply no excuse that Colonial’s software was vulnerable to a common ransomware attack. Too much rides on the U.S. economy to see 50% of the nation’s fuel supplies impacted by Eastern European hackers looking to blackmail companies or governments for cash. White House and Congressional cyber-security experts need to urgently respond to the latest malware attack. It does no good to rant about foreign actors capable of penetrating essential infrastructure or petroleum distribution. Whatever happened with the Sept. 12, 2020 SolarWinds hack, there’s no excuse for Colonial Pipeline’s vulnerability to a malware attack. Shutting down Colonial’s pipeline shows how vulnerable the U.S. is to cyber-attacks.