Major U.S. pipeline system shut down after cyber attack

Discussion in 'other security issues & news' started by hawki, May 8, 2021.

  1. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    I don't need to see another display of multi-million dollar fighter jets making colorful smoke trails on Veterans Day. I want to feel that the regulation of natural gas delivered to my- and others' apt. buildings remains well out of the reach of malicious, grabbing hands.
     
  2. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    Fighter jets make money for the military-industrial complex though.
     
  3. ProTruckDriver

    ProTruckDriver Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    1,444
    Location:
    "An Apple a Day, Keeps Microsoft Away"
    The gasoline long line fiasco to get gas for your vehicles has started here in the Virginia Beach, Va area. Prices have gone up at least 20 cents a gallon in the last few days. We are expecting longer lines and higher prices every day now. :(
     
  4. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,296
    Location:
    Europe
    You think it's better in other countries? Imagine if America can't protect their agencies, what's left for the others. I don't know xD
     
  5. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Colonial Faces Deadline to Decide on Hacked Pipeline Restart

    (Bloomberg) -- Colonial Pipeline Co. told federal officials it will know by late Wednesday whether it’s safe to restart gasoline and diesel flows that have been on hold since criminal hackers targeted the company last week.

    The promise comes as frustration grows among political leaders over scant details about when the biggest North American fuel pipeline will recover, while fuel shortages spread rapidly across the South and East...

    The national average retail gasoline price rose to $3.008 a gallon, the first time it’s exceeded $3 since October 2014..."

    https://finance.yahoo.com/news/gas-stations-run-dry-pipeline-100859225.html
     
  6. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    This is not how I wanted to revisit the '70s.
     
  7. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    I don't know, maybe other countries have got their act together.
     
  8. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    At least disco hasn't made a comeback.
     
  9. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    The specific issue/s that enabled the ransomware to happen haven't been disclosed yet. Gosh, why not? :rolleyes: It's like that police-cam footage that was not publicly disclosed after a high-profile shooting. But wow, if you did nothing wrong or contributory, that footage is on fire, it's out there so fast for people to see.

    My guess is fat-cats with feet on the desk, yakking and texting on the corporate-provided phone and munching on Twinkies. In other words: slack security and networking protocols. Hopefully I'm wrong.

    Not to nit-pick and be off-topic but yes, it did--sort of. Back in the 2010s especially. Very popular in middle Europe. Some called it "nu-disco." A lot of House music and derivatives are composed off of a disco-like vibe. :)
     
  10. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    My guess would be that this would be a good guess.

    Not to nit-pick and be off-topic but yes, it did--sort of. Back in the 2010s especially. Very popular in middle Europe. Some called it "nu-disco." A lot of House music and derivatives are composed off of a disco-like vibe. :)

    Good job I'm into jungle rave then.
     
  11. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Colonial Pipeline tried to recruit a cybersecurity boss just two months before...ransomware hack...

    The company, based in Atlanta, Georgia, started trying to recruit a manager to lead its cybersecurity team back in March.

    The job doesn't appear to have been filled and is still being advertised on Colonial's website.

    It was also posted on several job seeking sites, including LinkedIn...

    A job posting on the company's site called for someone with a bachelor's degree in computer science or information security to oversee how Colonial addresses cybersecurity threats, as well as develop and maintain an incident response plan.

    It went on to say the candidate would be accountable for managing Colonial's team of cybersecurity experts and specialists..."

    https://www.dailymail.co.uk/news/ar...ne-tried-recruit-cybersecurity-boss-hack.html
     
  12. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    1. I wouldn't want to be the one held accountable for this. :eek:
    2. If they already have a "team of cybersecurity experts and specialists" I really don't expect "adding a boss" would have done much here. :doubt:
     
  13. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    It seems I was wrong, then. It was even worse. :eek:

    Interesting stuff, hawki.
     
  14. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Colonial Pipeline ransomware attack [possibly] linked to Microsoft Exchange vulnerabilities...

    As spotted by The New York Times' cybersecurity reporter Nicole Perlroth, a forensic finding made during an evaluation of Colonial Pipeline noted numerous blind spots that could have led to the security breach, with the 'most likely culprit' being vulnerable Microsoft Exchange services.

    'Interesting forensic finding on Colonial Pipeline: They were STILL using a vulnerable version of Microsoft Exchange (the same systems exploited by Chinese hackers that was revealed in March), among other notable lapses. Per Coalition.

    https://twitter.com/nicoleperlroth/status/1392196162493444098

    — Nicole Perlroth (@nicoleperlroth) May 11, 2021'

    That is to say: It's not guaranteed that Microsoft Exchange issues are to blame for Colonial Pipeline's current problems. Rather, an overall lack of technological sophistication is the root cause of the pipeline operator's issues..."

    https://www.windowscentral.com/colonial-pipeline-ransomware-attack-linked-microsoft-exchange-vulnerabilities?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+wmexperts+(Windows+Central)
     
  15. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Colonial Pipeline said to have no plan to pay hackers ransom

    Colonial Pipeline has no plan at this point to pay a ransom to decrypt data files, said two people familiar with the matter. Rather, they are working with the cybersecurity firm Mandiant to restore the data from backup systems where possible and rebuild systems where backups are unavailable, said the people, who spoke on the condition of anonymity because the matter is still under investigation...

    With that extortion avenue sealed off [by shutting-down repository DarkSide servers] and with Mandiant helping to restore data and rebuild systems, 'there’s no reason to make the payment,' one of the people said..."

    https://www.washingtonpost.com/business/2021/05/12/gas-shortage-colonial-pipeline-live-updates/
     
  16. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
  17. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,001
    Location:
    Member state of European Union
    It's probably not only a captcha check, but they are hiding behind some filtering reverse proxy by Imperva.
     
  18. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
  19. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "President Biden says expect good news in the next 24 hours on Colonial pipeline

    President Joe Biden said he anticipates good news 'in the next 24 hours' on the ongoing Colonial Pipeline cyber attack that has disabled fuel deliveries along the East Coast.

    'I think you’re going to hear some good news in next 24 hours. And I think we’ll be getting that under control,' said The President..."

    https://www.cnbc.com/2021/05/12/bid...n-the-next-24-hours-on-colonial-pipeline.html
     
  20. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Media Statement Update: Colonial Pipeline System Disruption
    System Restart and Operational Update
    Wednesday, May 12, 5:10 p.m.


    Colonial Pipeline initiated the restart of pipeline operations today at approximately 5 p.m. ET.

    Following this restart, it will take several days for the product delivery supply chain to return to normal. Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period. Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal.

    As we initiate our return to service, our primary focus remains safety. As part of this startup process, Colonial will conduct a comprehensive series of pipeline safety assessments in compliance with all Federal pipeline safety requirements.

    This is the first step in the restart process and would not have been possible without the around-the-clock support of Colonial Pipeline’s dedicated employees who have worked tirelessly to help us achieve this milestone. We would also like to thank the White House for their leadership and collaboration, as well as the Department of Energy, Department of Transportation, FBI, PHMSA, FERC and other federal, state and local agencies for their ongoing support.

    We will continue to provide updates as restart efforts progress."

    https://www.colpipe.com/news/press-releases/media-statement-colonial-pipeline-system-disruption
     
  21. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,296
    Location:
    Europe
    Lol what

    This happens with Cloudflare DNS. But when I changed the IPv4 adapter to automatic DNS, the connection disappeared... I have to check why. Sometimes.
     
  22. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Colonial Pipeline Paid Hackers Nearly $5 Million in Ransom

    (Bloomberg) -- Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.

    The company paid the hefty ransom in untraceable cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said.

    Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said..."

    https://finance.yahoo.com/news/colonial-pipeline-paid-hackers-nearly-141548661.html
     
  23. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,296
    Location:
    Europe
    With $5M you can pretty much retire. Ofc it's split between all the hackers likely, so not really. And if u got away with that, why not go again and get even more money, right? Just don't get caught EZY
     
  24. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    Get caught? Nobody ever seems to be looking for any of these criminals. No reason for any of them to retire.
     
  25. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Geez, what a circus. Was the anonymous one (post #40) deliberately lying about not paying the ransom or what?

    Didn't the operators have "ties to Russia" despite loudly proclaiming to be "apolitical?" That term has a lot of obfuscating layers. It's like before-and-after photos of where a tornado touched down--now looks like this, now it looks like that.

    If any ransom operator gets near trouble, those ties will kick in, no doubt. I just don't get the lies surrounding this incident. It's worse than keeping quiet.
     