Hackers Shut Down a Major Pipeline
As of this writing, the pipeline that carries 45% of the fuel for the East Coast of the US is shut down. And the reason why?
Hackers, of course.
This week, in what security experts are calling the biggest attack on the energy sector since 2019, hackers targeted the Colonial Pipeline company with a ransomware attack.
For obvious reasons, the company hasn’t released much information about the details of the hack. Whatever the vulnerability was, and however it was exploited, they don’t want other bad actors taking advantage until everything is fixed.
But we do know that at least 100 gigabytes of data were stolen and held for ransom by the hackers.
The hack itself isn’t what shut down the pipeline — Colonial Pipeline did that as a precautionary measure, just in case the hackers stole information that would allow them to harm the pipeline itself.
Hackers targeting infrastructure is nothing new, even just within the United States. As recently as last year, a natural gas company was hacked and had to shut down for a couple of days. But it is becoming more frequent, and this is the most significant attack on energy infrastructure in the US so far.
No word yet on whether Colonial Pipeline has paid or is planning to pay the hackers to get the data back. It’s working with all kinds of government agencies, from the FBI to the Department of Energy, to get things back in order.
We also don’t know how long the pipeline will be shut down, although there’s plenty of fuel in storage — even more than we usually have stockpiled, since people were using so much less during the height of the COVID-19 pandemic.
In the meantime, it’s becoming more and more clear that companies need to act to protect themselves against attacks like this. Hackers aren’t going anywhere, and any part of our infrastructure that’s connected to the internet is ultimately vulnerable.