Colonial Pipeline was not the First and it won't be their Last Cyber Pirate Attack

From Mozilla Foundation

Here are my top recommendations:



The Colonial Pipeline is an essential piece of US infrastructure.



It transports around 45 percent of East Coast fuel. It covers more than 5,500 miles. It transports 2.5 million barrels of diesel, gasoline, and jet fuel every day. The pipeline's shutdown has not caused any disruptions; however, that is something that could be possible.



This could be an underground criminal network.



The ransomware organization claiming credit for the Colonial Pipeline attack is called DarkSide; it is a part of Russia and is believed to lease its software to other hackers. The US has not drawn any specific connection between DarkSide and the Russian government, and instead believes the group is operating to earn a profit.






It seems like this will only get worse.



"All of our industries are experiencing some form of digital transformation, which means they're becoming more connected and taking advantage of things such as cloud resources. That connectivity allows adversaries to come into these systems and harm them in these ways," Rob Lee, the CEO of the cybersecurity firm Dragos, told CNN's Jim Sciutto on Monday.



There are small and large targets.



As Colonial Pipeline races to get fully operational, the majority of the country could be impacted by higher prices for gasoline and shortages of jet fuel. This is a major attack.



There were fewer people directly hurt when the DC Police Department was targeted and hackers threatened to release information about confidential informants.



The number of targets available is huge.



"Everybody is at risk," said Lee. "We'll be attacked. The issue is how do we be more responsive and more resilient in the face of those attacks so that the consequences don't affect our daily lives."



There's so much we don't know.



The precise nature of the Colonial Pipeline attack, including whether there were demands or how it was discovered, is not apparent from the company's announcements. PCMag published an article in April about the way that ransomware extortionists' emails can be read, and the way they put pressure on companies to pay ransom rather than have sensitive data released to customers.



For every attack you hear about, there are other attacks that you don't.



More than two dozen government agencies in the US have been affected this year alone, according to experts. Homeland Security Secretary Alejandro Mayorkas raised the alarm about these attacks this week, in a speech before the US Chamber of Commerce before Colonial Pipeline was hit, calling them an "existential threat" to businesses.



Ransomware attacks have cost more than $350 million in victim funds (also known as ransom) in the last year.



This will impact the debate about Biden's plan for updating US infrastructure.



Watch for a debate on whether Biden's $2 trillion plan to modernize the nation's infrastructure is enough to safeguard it against cyberattacks. Politico reported in April that the plan to secure new infrastructure was not given enough attention. On the other hand, the current infrastructure is clearly susceptible to attack.



Government hacks vs. ransomware attacks.



The main US security breach that occurred in the last year was caused not by ransomware pirates searching for a payday, but by Russian hackers who were seeking intelligence. They gained access by hacking software from SolarWinds, the Texas company. They hacked into at least nine US government agencies, including Homeland Security, and numerous private businesses.



Separately, data on Microsoft Exchange servers around the world could be hacked by a hacker from China.



There may not be much functional difference between ransomware pirates and foreign governments hacking US systems.



Here's an excellent quote from Chris Krebs, who until November last year was director of the Cybersecurity and Infrastructure Security Agency at DHS. He said to CNN that the distinction between the role of a Russian state actor and a crime network operating within Russia is "increasingly irrelevant."



"Ransomware crews have been operating from Russia for years, with huge impact on our schools, our local and state government agencies, and on our health care facilities," he said. "They have the tacit approval from the Russian government, and it has to end."



A large portion of the infrastructure we rely on is privately owned.



CNN's stories on the bright line drawn by Colonial Pipeline, a private company that transports fuel via the pipeline, and America, whose infrastructure is dependent on it, really struck me.



The story of Liptak caught my attention because Colonial Pipeline had not asked for government help.



"This weekend's events have revealed the fact that our nation's critical infrastructure is owned by private sector companies," stated Elizabeth Sherwood-Randall, who is the White House homeland security advisor. "When these companies are targeted, they serve the first line defense and we rely on their effectiveness to defend us."



Anne Neuberger, the top security official on the National Security Council, said Colonial Pipeline had not asked for "cyber-support" from the federal government, but that federal officials were ready and "standing by" to assist should they be asked for it.



Neuberger would also not say if Colonial Pipeline had paid ransom, but she did say that companies are in a "difficult situation."