The Lead: Massive Pipeline Hack
credit: colonial pipeline
The U.S. government issued an emergency waiver of fuel delivery rules after the Colonial Pipeline was hacked. The pipeline carries 45% of the East Coast’s fuel supply and it has been offline since Friday.
The new rules say that drivers in 18 states can work more hours than normally permitted to make up for the supply chain disruption but this will not be enough to equal the normal pipeline delivery. This disruption is expected to increase fuel costs between 2-3%.
How did this happen?
Hackers were able to penetrate the computing system of Colonial Pipeline and install ransomware. That means that they control the system and lockout the company while they demand a large ransom payment. This group of hackers is known as DarkSide and they also claimed to have stolen 100 gigabytes of data from the company and threatened to post it publicly.
Colonial did not say if it planned to pay this ransom but most companies end up paying when this happens to them. It is cheaper than re-building an entire system and in this case, time is of the essence.
The Wall Street Journal points out that “the consequences of an infection spreading to that deeper layer are dire for any energy company. Many machines that control pipelines, refineries and power plants are well past their prime, have few protections against sophisticated attacks and could be manipulated to muck with equipment or cause damage, cybersecurity experts say.”
So now, about that infrastructure plan?