Grey Havoc

 
If the United States wants to protect critical infrastructure from this then install some equipment to prevent this or take them offline and put them on a dedicated, monitored system.
 
Or make an example of any company that approaches cybersecurity as a joke to be relentlessly defunded and laughed off the budget. There is no excuse whatsoever for this shit other than greed and laziness on the part of Colonial Pipeline's management and ownership.

People have gone to prison for life without parole for negligence that caused far less damage than this. It's time we apply this standard to cybersecurity and corporate management in general.
 
Maybe I'll piss off many now, but how would this lockdown be handled if the Keystone XL canceled in January was currently up and running? (Obviously, without a hacker attack even on that pipeline and its plants)
 
Dax is a quiet town of 20 000 souls in south-west France not too far from where I grew up. Recently some criminal arseholes paralyzed its hospital via a cyber attack. It was quite devastating and they are still recovering from it. All the patients' digitalized files, the hospital's complete network was wiped down for the count.
...
I suggest bringing back middle-ages "burning at the stake" for these hackers. Main problem: rotten shit surrounded by scum doesn't burn very well, plus the smell of it would poison the air and make people vomit for hundreds of kilometers.
 
Maybe I'll piss off many now, but how would this lockdown be handled if the Keystone XL canceled in January was currently up and running? (Obviously, without a hacker attack even on that pipeline and its plants)

No impact. Colonial is a product pipeline delivering refined petroleum products to distribution centers. Keystone XL was a crude oil pipeline carrying unrefined petroleum to refineries.
 
I suggest bringing back middle-ages "burning at the stake" for these hackers.
While we can all agree with this, the reality is that the hackers are almost certainly nowhere that the cops could get to them even if the cops know where they are. Hacking is something that can be done on the far side of the planet.

Let's say you find out that the hackers are in, say, Kurdistan. Or Moscow. Or New Delhi. Whatcha gonna do about it?

What *might* eventually happen is that the worldwide internet breaks down into firewalled separate regional nets. Unlikely, apart from certain nations walling themselves off.
 
Maybe I'll piss off many now, but how would this lockdown be handled if the Keystone XL canceled in January was currently up and running? (Obviously, without a hacker attack even on that pipeline and its plants)

No impact. Colonial is a product pipeline delivering refined petroleum products to distribution centers. Keystone XL was a crude oil pipeline carrying unrefined petroleum to refineries.
This is true... but it also shows the *importance* of pipelines. When Colonial went down, the response was to start trucking fuel around. And it has clearly been wholly inadequate, and if it keeps going you'll see spills and crashes and fires. Keystone would have provided equivalent safety and efficiency over existing crude delivery systems.
 
This is a national security issue. I suggest putting all critical infrastructure into a secure system under military supervision.
 
What will it take to call up the federal government on crass incompetence?
Just imagine what would happen if the Israeli govt was this bad...

Edit: I don't mean Trump or Biden, I mean the whole freaking institution with its zillions of generals
 
So, you know that right now, all the Feds are allowed to do for civilian cyber security is issue recommendations, right? They're actually forbidden from requiring specific cyber security measures from private companies, even in critical infrastructure sectors.
 
 
There are videos floating around of people filling plastic bags with fuel....and at least one photo of a boot full of plastic bags filled with fuel.

The US Consumer Product Safety Commission put out this curt tweet four hours ago 'Do not fill plastic bags with gasoline.'

:rolleyes::rolleyes::rolleyes:
 
Stupid people filling their cars with gasoline fumes *and* liquid gasoline in bags that the gasoline will dissolve would seem to be both a problem *and* a solution all in one.

 
Why pay a human being anything when remote, computer connected controls can be used? And which can be hacked. Leaving manual controls in working order and sending in a human being to operate the line manually is the quick answer to such problems.
 
There are videos floating around of people filling plastic bags with fuel....and at least one photo of a boot full of plastic bags filled with fuel.

The US Consumer Product Safety Commission put out this curt tweet four hours ago 'Do not fill plastic bags with gasoline.'

:rolleyes::rolleyes::rolleyes:

And that video is at least a year old, unrelated to the current situation.
 






 
I suggest bringing back middle-ages "burning at the stake" for these hackers.
While we can all agree with this, the reality is that the hackers are almost certainly nowhere that the cops could get to them even if the cops know where they are. Hacking is something that can be done on the far side of the planet.

Let's say you find out that the hackers are in, say, Kurdistan. Or Moscow. Or New Delhi. Whatcha gonna do about it?

What *might* eventually happen is that the worldwide internet breaks down into firewalled separate regional nets. Unlikely, apart from certain nations walling themselves off.
The toughest thing is not getting fooled. An attack could appear to come from Russia but actually originate in China. Don't know if it's possible to trace it all the way back to the source with certainty. If it is then tell the country it was launched from that going forward this kind of crap will be considered an attack on our country and respond accordingly. Don't care if some script kiddie flew to China and launched from there. Eventually these "hackers" would be so widely hated they'd probably be executed out of hand.
 
The toughest thing is not getting fooled. An attack could appear to come from Russia but actually originate in China. Don't know if it's possible to trace it all the way back to the source with certainty. If it is then tell the country it was launched from that going forward this kind of crap will be considered an attack on our country and respond accordingly. Don't care if some script kiddie flew to China and launched from there. Eventually these "hackers" would be so widely hated they'd probably be executed out of hand.

Then the thing to do would be for the MSS to hire a Russian hacker to launch a cyberattack on Wall Street from Murmansk. US retaliates against Russia, China sits back and receives praise and adulation from Disney.
 
Ah... yes, of course.

In the alternative, add a function to Homeland Security, like securing critical infrastructure. Meanwhile, I doubt the NSA has this problem, and I suspect that they continue to monitor all electronic communications.
 
If this cyber-ransom was directed at Israeli gov't facilities, the guilty bastards would be quietly warned off and if they persisted would die untraceable deaths. See Nazi war criminals, Munich Olympics terrorists, Dr. Gerald Bull, etc. Mossad would leave zero evidence linking them to the assassinations.
 
The toughest thing is not getting fooled. An attack could appear to come from Russia but actually originate in China. Don't know if it's possible to trace it all the way back to the source with certainty. If it is then tell the country it was launched from that going forward this kind of crap will be considered an attack on our country and respond accordingly. Don't care if some script kiddie flew to China and launched from there. Eventually these "hackers" would be so widely hated they'd probably be executed out of hand.

Then the thing to do would be for the MSS to hire a Russian hacker to launch a cyberattack on Wall Street from Murmansk. US retaliates against Russia, China sits back and receives praise and adulation from Disney.
Yeah. Personally I think they should air-gap anything important from the internet. This would stop all but the most determined adversary. (See Iranian centrifuges.)
 
The lack of imagination I'm seeing from this is staggering. If it's "Oh well, we'll just pay the money. It's still a better deal than keeping everything offline and manual." then they deserve the loss. It's their fault and the so-called hackers'.

Meanwhile, the NSA has no idea about what's going on... And that $5 million went to a nonexistent address/location...
 
So, as I'm reading more, it's interesting that what seems to have been hacked is strictly the billing side of their system; there's no indication of a hack against the SCADA or control infrastructure. The pipeline shutdown was strictly precautionary (or because Colonial wasn't sure who and how much to bill for deliveries, if you're more cynical).

Air gapping sounds obvious, but it makes system operations really hard and expensive. The cost of building out and maintaining a dedicated network just to run a set of valves and pumping stations is non-trivial, compared to the cost of plugging those nodes into existing internet services. The more reasonable system would be to tunnel all that through a VPN and actually secure the VPN. Not cheap, but cheaper than a dedicated hardline network for each infrastructure system.
 
Air gapping sounds obvious, but it makes system operations really hard and expensive
Seems like it would have potentially saved Colonial $5M this week alone... and then we'll add up the economic disruption up and down the east coast. And paying it guarantees we'll be seeing more of this.

Sometimes, the straightest way is through the mud. For critical infrastructure and systems, I cannot see any cost savings being worth the exposure risk.

As an aside, I don't really want to live in a society where I wake up every day and wonder if the power and gas will work tomorrow because the utilities make it clear they would rather pay ransoms than pay for security.
 
If this cyber-ransom was directed at Israeli gov't facilities, the guilty bastards would be quietly warned off and if they persisted would die untraceable deaths. See Nazi war criminals, Munich Olympics terrorists, Dr. Gerald Bull, etc. Mossad would leave zero evidence linking them to the assassinations.

So untraceable Steven Spielberg makes movies about them...

Israel may blow up a hacker's apartment in Gaza or retaliate in kind against Iran but these kinds of tactics have severe weaknesses.
 