After a forced shutdown due to a ransomware attack, the Colonial Pipeline has restored operations. Despite the resumption of gas services and slowly stabilizing supply, many experts are still concerned by the implications of the ransomware attack.
Colonial Pipeline's corporate servers were infected with ransomware earlier in the week, causing the operator to shut down pipeline operations. The hacking group responsible, believed to be Russian, then threatened to upload the contents of the operator's servers online unless the operator paid a ransom of 75 bitcoin (roughly $5 million). Colonial Pipeline has since paid the ransom and resumed operations, restoring its servers from backup after the hackers' decryption tool proved too slow.
Despite the restoration of operations and the speed with which the hack was resolved, many in the cybersecurity field say that the pipeline hack is the scenario they have been warning of for years: an attack on vital infrastructure.
"The first thing that comes to my mind is: Thank God this wasn't water," said Nick Merril, a researcher from the Center for Long-Term Cybersecurity.
Many experts have warned of attacks on critical infrastructure for years, pointing to vulnerabilities in power plants, water facilities, and even corporate infrastructure such as point-of-sale systems and medical databases. The Colonial Pipeline hack has experts worried that hackers may already be capable of such attacks, and it is raising concerns that future attacks could be far more extensive in scope and much more damaging.
While groups such as the hackers behind the Colonial Pipeline attack operate to make money (and in many respects, operate as businesses) and typically try to avoid the kind of attention that the recent cyber breach has brought, the possibility of more malicious and aggressive cyber warfare remains a genuine threat.
President Joe Biden has since signed an executive order to increase the Federal Government's cybersecurity against potential future attacks. Experts are warning private firms to take similar measures and look to improve their own cybersecurity.