The six-day shutdown of a key 5,550-mile fuel pipeline earlier this month after a malware attack proved a case study of all the things that can go wrong when the private sector, which controls crucial parts of American infrastructure, drops the ball on cybersecurity and the government doesn’t have the ability to adequately prevent cyberattacks or control the fallout. Our adversaries are watching, which underscores the urgent need for Congress and the White House to move quickly to stop the next breach.
The result of Colonial Pipeline’s response to a recent hacker attack was swift and far-reaching. The private firm closed the spigot on the supply of nearly half of the East Coast’s gasoline, diesel, and jet fuel — something that had never been done before. A combination of fuel shortages and panic buying caused long lines to form at gas stations from Washington, D.C., to Florida. US air travel routes were altered to add stopovers to allow planes to refuel in central and northern states.
Advertisement
And the cybersecurity breach that caused it all was not a sophisticated hack perpetrated by nation-state spies from China or Russia. It was a ransomware attack by a group of Eastern European cyber bandits known as DarkSide, which successfully extorted $4.4 million from Colonial Pipeline as the company rushed to regain control of its information technology system and ensure the hackers had not penetrated the pipeline’s operational system.
