From May 7 to 12, 2021, the massive Colonial Pipeline refined oil product delivery system ground to a halt. It was the victim of a DarkSide ransomware cyberattack. The Colonial Pipeline delivers about 45% of fuel for the East Coast, including gasoline, diesel fuel, heating oil, jet fuel and fuel used by the military.
When Colonial security teams detected the malware, it had already infected the company’s IT network, which they shut down. The pipeline operators also shut down OT systems to prevent the malware from spreading. Due to the threat of a fuel shortage, North Carolina, Virginia, Georgia and Florida declared a state of emergency.
As per Jen Easterly, CISA Director, the Colonial Pipeline attack was a watershed moment “when the vulnerability of our highly connected society became a nationwide reality and a kitchen table issue.” The attack — and many more that followed — forced policymakers, regulators and executives to take cybersecurity threats and policy issues more seriously.
Follow up on TSA security recommendations
In the wake of the Colonial attack, the TSA issued two pipeline security directives in FY 2021. How well did they do following their own directives?
Recently, the DHS Inspector General released an audit report that was used to determine whether TSA’s 2021 security directives addressed cyber threats and stakeholder concerns. Was pipeline security strengthened after all? Unfortunatel ..
Support the originator by clicking the read the rest link below.
