A cyberattack on a critical U.S. pipeline is sending ripple effects across the economy, highlighting cybersecurity vulnerabilities in the nation’s aging energy infrastructure. The Colonial Pipeline, which delivers about 45% of the fuel used along the Eastern Seaboard, shut down Friday after a ransomware attack by a gang of criminal hackers that calls itself DarkSide. Depending on how long the shutdown lasts, the incident could impact millions of consumers.
WHAT HAPPENED TO THE COLONIAL PIPELINE?
Colonial Pipeline, the owner, halted all pipeline operations over the weekend, forcing what the company called a precautionary shutdown. U.S. officials said Monday that the “ransomware” malware used in the attack didn’t spread to the critical systems that control the pipeline’s operation. But the mere fact that it could have done so alarmed outside security experts.
WILL THERE BE GASOLINE SHORTAGES?
It depends on how long the shutdown lasts. Colonial said it’s likely to restore service on the majority of its pipeline by Friday.
There’s no imminent shortfall, and thus no need to panic buy gasoline, said Richard Joswick, head of global oil analytics at S&P Global Platts. If the pipeline is restored by Friday, there won’t be much of an issue. “If it does drag on for two weeks, it’s a problem,” Joswick added. “You’d wind up with price spikes and probably some service stations getting low on supply. And panic buying just makes it worse.”
SO WHAT’S HAPPENING WITH GASOLINE PRICES?
The average gasoline price jumped six cents to $2.96 over the past week, and it’s expected to continue climbing because of the pipeline closure, according to AAA. Mississippi, Tennessee and the East Coast from Georgia to Delaware are the most likely to experience limited fuel availability and higher prices, and if the national average rises by three more cents, these would be the highest prices since November 2014, according to AAA.
WHAT’S RANSOMWARE AGAIN?
Ransomware scrambles data that can only be decoded with a software key after the victim pays off the criminal perpetrators. An epidemic of ransomware attacks has gotten so bad that Biden administration officials recently deemed them a national security threat. Hospitals, schools, police departments and state and local governments are regularly hit. Ransomware attacks are difficult to stop in part because they’re usually launched by criminal syndicates that enjoy safe harbor abroad, mostly in former Soviet states.
WHO IS BEHIND THE ATTACK AND WHAT MOTIVATES THEM?
The hackers are Russian speakers from DarkSide, one of dozens of ransomware gangs that specialize in double extortion, in which the criminals steal an organization’s data before encrypting it. They then threaten to dump that data online if the victim doesn’t pay up, creating a second disincentive to trying to recover without paying.
Ransomware gangs say they are motivated only by profit. Colonial has not said how much ransom s.
WHY WASN’T COLONIAL ABLE TO PREVENT OR CONTAIN THE ATTACK?
Neither Colonial nor federal officials have explained how the attackers breached the company’s network and went undetected. Cybersecurity experts believe that Colonial may not have employed state-of-the-art defenses, in which software agents actively monitor networks for anomalies and are programmed to detect known threats such as DarkSide’s infiltration tools.
WHAT DOES COLONIAL NEED TO RESTORE ITS NETWORK AND HOW LONG WILL THAT TAKE?
That depends on how extensively Colonial was infected, whether it paid the ransom and, if it did, when it got the software decryption key. The decryption process could take several days at least, experts say. Colonial has not responded to questions on these issues, although it said only its IT network was affected.
DO PIPELINES FACE A GREATER RISK OF RANSOMWARE ATTACKS?
They’re not necessarily at greater risk, but they do pose unique challenges. The Colonial Pipeline structure is a vast piece of critical infrastructure that provides fuel supply to states along the East Coast. Such a large network is bound to have different control systems along its path where it connects with distributors or customers.
“Every single time you connect something, you run the risk that you’re going to infect something,” said Kevin Book, managing director at Clearview Energy Partners. That variability can also make it harder for hackers to know where to find vulnerabilities, he said.
Over time, as pipelines expand, companies can end up with a mix of technology — some parts built within the company and others brought in from outside, said Peter McNally, global sector lead at Third Bridge. Many large energy companies have been under pressure from investors to limit reinvestment in such assets, which can be decades old, he added. That can be a problem when dealing with modern criminals.
The Federal Energy Regulatory Commission has established and enforced mandatory cybersecurity standards for the bulk electric system, but there are no comparable standards for the nearly 3 million miles of natural gas, oil and hazardous liquid pipelines that traverse the United States. “Simply encouraging pipelines to voluntarily adopt best practices is an inadequate response to the ever-increasing number and sophistication of malevolent cyber actors,” said Richard Glick, chairman of the Federal Energy Regulatory Commission, and Democratic Commissioner Allison Clements, in a joint statement. They called for the U.S. to establish mandatory pipeline security standards.
WHAT CAN BE DONE TO HALT RANSOMWARE ATTACKS?
Previous attempts to put ransomware operators out of business by attacking their online infrastructure have amounted to internet whack-a-mole. The U.S. Cyber Command, Microsoft and cross-Atlantic police efforts with European partners have only been able to put a temporary dent in the problem.
Last month, a public-private task force including Microsoft, Amazon, the FBI and the Secret Service gave the White House an 81-page urgent action plan that said considerable progress could be possible in a year if a concerted effort is mounted with U.S. allies, who are also under withering attack.
Some experts advocate banning ransom payments. The FBI discourages payment, but the task force said a ban would be a mistake as long as many potential targets remain “woefully unprepared,” apt to go bankrupt if they can’t pay. Neuberger said Monday that sometimes companies have no real choice but to pay a ransom.
The task force said ransomware actors need to be named and shamed and the governments that harbor them punished. It calls for mandatory disclosure of ransom payments and the creation of a federal “response fund” to provide financial assistance to victims in hopes that, in many cases, it will prevent them from paying ransoms.
NEW YORK (AP) — By FRANK BAJAK AND CATHY BUSSEWITZ Associated Press
Bajak reported from Boston. AP Writer Matthew Daly contributed from Washington.
McDonald’s latest company to be hit by a data breach
McDonald’s has become the latest company to be hit by a data breach after unauthorized activity on its network exposed the personal data of some customers in South Korea and Taiwan.
McDonald’s Corp. said Friday that it quickly identified and contained the incident and that a thorough investigation was done.
“While we were able to close off access quickly after identification, our investigation has determined that a small number of files were accessed, some of which contained personal data,” the burger chain said.
McDonald’s said its investigation determined that only South Korea and Taiwan had customer personal data accessed, and that they would be taking steps to notify regulators and also the customers who may be impacted. No customer payment information was exposed.
McDonald’s said it will look at the investigation’s findings, coupled with input from security resources, to identify ways to further enhance its existing security measures.
Businesses across various sectors are being targeted by cybercriminals, including some very high profile cases in recent weeks. On Wednesday, JBS SA, the world’s largest meat processing company, revealed that it had paid the equivalent of $11 million to hackers who broke into its computer system last month.
And Colonial Pipeline, which transports about half of the fuel consumed on the East Coast, last month paid a ransom of 75 bitcoin — then valued at roughly $4.4 million — in hopes of getting its system back online. On Monday the Justice Department announced that it had recovered most of the ransom payment.
By MICHELLE CHAPMAN AP Business Writer.
Swaths of internet down, outage at cloud company Fastly
Numerous websites went offline Tuesday after an apparent widespread outage at the cloud service company Fastly.
Dozens of high-traffic websites including the New York Times, CNN, Twitch, Reddit, and the U.K. government’s home page, could not be reached.
San Francisco-based Fastly acknowledged a problem just before 1000 GMT. It said in repeated updates on its website that it was “continuing to investigate the issue.”
About an hour later, the company said: “The issue has been identified and a fix has been applied. Customers may experience increased origin load as global services return.”
A number of sites that were hit early appeared to be coming back online.
Some visitors trying to access CNN.com got a message that said: “Fastly error: unknown domain: cnn.com.” Attempts to access the Financial Times website turned up a similar message while visits to the New York Times and U.K. government’s gov.uk site returned an “Error 503 Service Unavailable” message, along with the line “Varnish cache server,” which is a technology that Fastly is built on.
Down Detector, which tracks internet outages, said: “Reports indicate there may be a widespread outage at Fastly, which may be impacting your service.”
Fastly describes itself as an “edge cloud platform.” It provides vital behind-the-scenes cloud computing services to many of the web’s high profile sites, by helping them to store, or “cache,” content in servers around the world so that it’s closer to users.
NY transit officials confirm cyberattack; say harm limited
Hackers infiltrated computer systems for the Metropolitan Transportation Authority in New York, setting off a scramble to counter a potentially crippling cyberattack against North America’s largest transit system, MTA officials confirmed on Wednesday.
The officials said in a statement that the agency received an alert from the FBI and other federal agencies saying three of its 18 computer systems were put at risk.
The MTA insisted that it quickly shut down the attack. It said a follow-up forensic analysis also found that no sensitive information was stolen and that rail service for millions of riders each day and other operations were never compromised or disrupted.
“Importantly, the MTA’s existing multi-layered security systems worked as designed, preventing spread of the attack and we continue to strengthen these comprehensive systems and remain vigilant as cyberattacks are a growing global threat,” said Rafail Portnoy, the MTA’s chief technology officer.
The cyberattack was first reported on Wednesday by The New York Times, citing an internal document that was not made public. It was suspected that the breach had links to China, according to the Times.
A statement from the MTA did not mention China. There was no immediate response to requests for comment from the Department of Homeland Security, which is investigating the case.
The MTA systems appear to have been attacked on two days in the second week of April and continued at least until April 20, the Times reported. Hackers gained access to systems used by New York City Transit — which oversees the subway and buses — and also the Long Island Rail Road and Metro-North Railroad, according to the MTA document, the newspaper said.
NEW YORK (AP)