Major U.S. pipeline system shut down after cyber attack

Discussion in 'other security issues & news' started by hawki, May 8, 2021.

  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Major U.S. pipeline system shut down after cyber attack

    Colonial Pipeline says it transports 45 percent of the fuel consumed on the East Coast, reaching 50 million Americans.

    Top U.S. fuel pipeline operator Colonial Pipeline has temporarily shut down all its pipeline operations after being hit by a cybersecurity attack, the company said in a statement on Friday.

    Colonial’s 5,500 miles of pipelines carry fuel from refineries on the Gulf Coast to customers in the southern and eastern United States. It says it transports 45 percent of the fuel consumed on the East Coast, reaching 50 million Americans.

    The company learned of the attack on Friday, and 'proactively took certain systems offline to contain the threat'..."

    https://www.washingtonpost.com/business/2021/05/08/cyber-attack-colonial-pipeline/

    "Cyberattack shuts down massive 5,500-mile pipeline that transports 45% of East Coast's fuel

    Colonial is the largest refined products pipeline in the U.S. and transports approximately 45% of all fuel consumed by the East Coast. This fuel includes gasoline, diesel fuel, home heating oil, jet fuel and fuels for the U.S. military...

    The party behind the cyberattack is unknown..."

    https://abc13.com/massive-pipeline-running-from-tx-to-nj-shuts-down-after-cyberattack/10597850/

    "U.S.’s Biggest Gasoline and Pipeline Halted After Cyberattack

    (Bloomberg) -- Colonial Pipeline, the largest U.S. gasoline and diesel pipeline system, halted all operations Friday after a cybersecurity attack...

    The artery is a crucial piece of infrastructure that can transport 2.5 million barrels a day of refined petroleum products from the Gulf Coast to Linden, New Jersey. It supplies gasoline, diesel and jet fuel to fuel distributors and airports from Houston to New York..."

    https://www.bnnbloomberg.ca/u-s-s-biggest-gasoline-and-pipeline-halted-after-cyberattack-1.1600974
     
    Last edited: May 8, 2021
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    The attack didn't affect any pipeline operations directly. If this happened, it indeed would be "call to war" time.

    Until attack details are known; it could have been a ransomware attack, we will have to see what the response will be.
     
  3. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    The question is if this was the proper response by Colonial Pipeline to a ransomware attack? My statement is no. Its process control computer network should have been isolated from its corp. network. It is assumed the corp. network is the one attacked by ransomware.
     
  5. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
  6. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "U.S. Fuel Sellers Scramble for Alternatives to Hacked Pipeline

    Gasoline suppliers are rushing to secure alternative methods of delivery to avert fuel shortages from Atlanta to New York after a ransomware attack shut down the nation’s biggest oil-products pipeline...

    Traders and fuel shippers are seeking barges and ships to deliver gasoline that would have otherwise been shipped on the Colonial Pipeline system...Others are securing tankers to temporarily store gasoline in the U.S. Gulf in the event of a prolonged shut down...

    The attack comes just as the nation’s energy industry is preparing to meet stronger fuel demand associated with summer travel..."

    https://www.bnnbloomberg.ca/u-s-fuel-sellers-scramble-for-alternatives-to-hacked-pipeline-1.1601036
     
  7. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,554
    Location:
    USA still the best. But barely.
    Again I blame the multi-billion dollar corp. for spending pennies on IT.
     
  8. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Colonial Hackers Stole Data Thursday Ahead of Shutdown...

    Attackers stole nearly 100GB of data in two hours on Thursday

    Theft followed by locking of computers and ransom demand

    The hackers who caused Colonial Pipeline to shut down the biggest U.S. gasoline pipeline on Friday began their blitz against the company a day earlier, stealing a large amount of data before locking computers with ransomware and demanding payment,..."

    https://www.bloomberg.com/news/arti...ahead-of-pipeline-shutdown?srnd=technology-vp
     
  9. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Well, maybe I'll take it a step farther and say that among the first shots fired was the WannaCry attack four years ago. Like someone said before me, it's WAR. Doesn't need to be a nuclear thing--the US is plenty ahead there already.

    Instead of commissioning yet another fighter jet or air-craft carrier, why not put key military personnel trained in cyber-espionage into prominent posts within civilian infrastructure? Nothing heroic about scrambling and fumbling around after the damage is done. I'm sick and tired of reading about this, time and time again. You lose tons more money stemming from the ransomware/data leaks than you would taking pre-emptive measures.
     
  10. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,554
    Location:
    USA still the best. But barely.
    Exactly this.
     
  11. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Biden declares state of emergency over fuel cyber-attack

    The US government declared a state of emergency on Sunday after the largest fuel pipeline in the US was hit by a ransomware cyber-attack...

    Experts say fuel prices are likely to rise 2-3% on Monday, but the impact will be far worse if it goes on for much longer.

    The state of emergency enables oil products to be shipped in tankers up to New York, but this would not be anywhere near enough to match the pipeline's capacity...

    'Unless they sort it out by Tuesday, they're in big trouble,' said Mr Sharma. 'The first areas to be impacted would be Atlanta and Tennessee, then the domino effect goes up to New York.'..."

    https://www.bbc.com/news/business-57050690
     
  12. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    What the BBC may be referring to is an emergency declaration by the U.S. Department of Transportation’s Federal Motor Carrier Administration which loosens hours/conditions of service regulations for drivers of tanker-trailers carrying fuel products in the effected regions.

    "U.S. Department of Transportation’s Federal Motor Carrier Administration Issues Temporary Hours of Service Exemption in Response to the Unanticipated Shutdown of the Colonial Pipeline..."

    https://www.transportation.gov/brie...motor-carrier-administration-issues-temporary

    "ESC-SSC-WSC - Regional Emergency Declaration 2021-002 - 05-09-2021..."

    https://www.fmcsa.dot.gov/emergency/esc-ssc-wsc-regional-emergency-declaration-2021-002-05-09-2021
     
  13. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    I would still assume getting rid of cryptocurrency would eliminate most of if not all of this. I really don't see any positives about it that offset the negatives.
     
  14. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "No restart yet for pipeline shut by cyberattack, gasoline prices climb

    Colonial Pipeline said it had no estimate on when it could restart the 5,500-mile pipeline that it shut Friday after a cyberattack...

    The company that operates the biggest gasoline conduit to the East Coast said on Sunday it had no estimate on when it could restart the 5,500-mile pipeline that it shut Friday after a cyberattack, boosting fuel prices in jittery financial markets to their highest level in three years...

    Colonial Pipeline said in a statement it would only 'bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations'..."

    https://www.politico.com/news/2021/05/09/colonial-pipeline-shutdown-cyberattack-486425
     
  15. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,296
    Location:
    Europe
    What does cryptocurrency has to do with this? That u can pay to anynomous wallet?
     
  16. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    Absolutely. If you could track the money there would be nowhere for them to hide. This makes it too easy.
     
  17. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
  18. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
  19. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Colonial Pipeline eyes restart this week after cyberattack...

    The pipeline company said it was restarting operations slowly 'in a phased approach' for the 5,500-mile pipeline that delivers nearly half of the gasoline, diesel and jet fuel to the East Coast from the oil refinery hub near Houston.

    'This plan is based on a number of factors with safety and compliance driving our operational decisions, and the goal of substantially restoring operational service by the end of the week,' the company said in an update on the ransomware attack on the company's IT systems that prompted it to shut down the line..."

    https://www.politico.com/news/2021/05/10/colonial-pipeline-cyberattack-restart-486582
     
  20. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Colonial Pipeline's website disrupted:

    "We are experiencing a temporary service disruption to our corporate website, and unrelated to the ransomware. We continue to make progress on our system restart plan, and will provide an update when our website is restored..."

    https://twitter.com/Colpipe/status/1392094505235537924
     
  21. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Cyber Sleuths Blunted Pipeline Hack, Choked Data Flow to Russia...

    A small group of private-sector companies, with help from several U.S. agencies, disrupted ongoing cyber-attacks against Colonial Pipeline Co. and more than two dozen other victims...

    Colonial was able to recover some stolen data because of the intervention, which stopped the flow of stolen data headed to Russia...

    The takedown, which occurred on May 8, was enacted by companies that included operators of U.S.-based servers used by the hackers...

    The intervention involved the White House, Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency and National Security Agency, and shut off key servers used by the hackers...

    The hackers were using the servers that were disabled as a repository for storing information before relaying it to computers in Russia..."

    https://www.bloomberg.com/news/arti...hack-choked-data-flow-to-russia?sref=zFmdEBXN
     
  22. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    The operators were claiming to be "apolitical." :rolleyes: Well it's good to know that the dire situation was identified and dealt with swiftly but too bad it wasn't before the fact. Maybe get some real IT professionals or even some from these agencies (FBI, CISA) to take the place of the Pipeline slackards now.

    The US is being successfully targeted and hit left and right because it's vulnerable. Its reputation to the world is likewise. Come on, treat this like an act of WAR. Didn't anyone learn anything from SolarWinds?
     
  23. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    I would assume not... :(
     
  24. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    I expected more from the US Cyber Command and their billions in funding. This is just plain scary and I'm not even an American.
     
  25. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "CISA still waiting for Colonial Pipeline to share key data about hack

    Colonial Pipeline still has not shared important technical information with DHS' cyber agency about the ransomware attack that has crippled its fuel supply operations since last weekend, the agency's acting director told lawmakers Tuesday...

    'Right now, we are waiting for additional technical information on exactly what happened at Colonial so that we can use that information to … protect other potential victims down the road,' acting Cybersecurity and Infrastructure Security Agency Director Brandon Wales told the Senate Homeland Security Committee..."

    https://www.politico.com/news/2021/05/11/cisa-colonial-pipeline-hack-data-487041
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.