May 13, 2021
The largest US fuel pipeline—Colonial Pipeline—was forcibly shut down after it fell victim to a cyberattack during the past weekend. The 5,500-mile pipeline carries refined oil products from Texas to New York, transporting more than 100 million gallons on a daily basis.
According to reports, the malware used in the attack is called ransomware, which requests a ransom from its victims as the only way of preventing sensitive data leaks or regaining access to the system. The FBI identified the attackers as a Russian criminal group called “DarkSide.”
Due to a quick response, operation was restarted for some ancillary lines, with operators working towards a complete return to full-scale capacity. However, the process will take a while—current estimates say that the pipeline’s operation will return to normal by the end of this week.
Will There Be Consequences?
It would be foolish not to expect consequences from this attack. Of course, economic consequences are expected due to the importance of the Colonial Pipeline for the country’s fuel supply.
If the pipeline stays disabled for a while, it might cause fuel shortages in some regions. Another adverse effect of a prolonged shutdown would be that the prices of gasoline could rise. To put it plainly—the longer the issue lasts, the greater the consequences.
Critical infrastructure systems are especially vulnerable to cyberattacks because of their interconnectedness and grid-like nature. Although in the past they operated in a more isolated manner, today they are more connected than ever.
For example, an attack that disables the power grid could potentially leave millions without power until the issue is resolved. It could also disrupt the work of hospitals, banks, and air traffic.
Cyberattacks Are an Ongoing Problem
The rate of cyberattacks is constantly increasing and setting new records each year.
Following previous recent instances of cyberattacks, such as the hacking of the Microsoft Exchange server (March 2021) or the SolarWinds breach (February 2021), Colonial’s cyberattack only reinforces the already clear need to increase protection from these types of attacks, especially when they disrupt people’s everyday lives.
The Microsoft Exchange hack represents a cyberattack with a different aim—data theft. Hackers gained access to emails and address books of over 250,000 users, facilitating further access to their systems, personal data, and credentials. This data can later be sold on the dark web and used for malicious purposes, some of which include phishing scams or even identity theft, so make sure you are protected.
Even though the Microsoft Exchange and SolarWinds hacks happened months ago, these companies are still struggling to fully evaluate the scope and scale of the attacks. Their investigations (much like Colonial’s) are still ongoing. This only demonstrates the long-term impact these instances can have and highlights the importance of developing a better defense system against them.