A follow-up on a ransomware attack that forced one of the largest US pipeline systems last Friday brought up major concerns about the vulnerability of the country’s infrastructure. The hack was seen as one of the biggest cyberattacks on critical national infrastructure in history. The pipeline company called Colonial Pipeline is responsible for half of the east coats fuel supplies, it is responsible for transportation of fuel between Houston and New York Harbor.
The question is, How can you hack a pipeline? When you imagine a pipeline company all you think about are the pipes, the oils, and the grease but there is actually a lot of digital operations involved in a modern company like Colonial Pipeline. All pipes are equipped with pressure sensors, thermostats, valves, and pumps that are used to monitor and control the flow of diesel, petrol, and jet fuel across all of the pipes in the system.
All these sensors are connected to a central system that is able to monitor and control them in real-time. According to cyberattack expert Jon Niccolls, “All the devices used to run a modern pipeline are controlled by computers, rather than being controlled physically by people. If they are connected to an organization’s internal network and it gets hit with a cyber-attack, then the pipeline itself is vulnerable to malicious attacks”.
Colonial even has a smart robot that is able to move through the pipes to check for anomalies. So if a hacker is able to get into the central system, he can essentially control all the sensors on all of the pipelines. They might have gained access when a gullible employee opened a malicious email while at work. Hackers don’t attack systems directly as they’re usually well protected. All hackers need is a weak link in the chain.
The group responsible for this attack has been identified by the FBI as DarkSide. The group is a new ransomware gang that is also thought to be based in Russia. Hackers are maturing and growing, a few years ago no one would think that hackers would be bold enough to attack critical national infrastructures. According to Andy Norton from cyber-defender Armis, “What we’re seeing now is the ransomware gangs are maturing. Where there is critical public service on the line, there is more chance of them getting the ransom paid”.
Andy further urged companies to up the ante on their cybersecurity solutions, saying that “It’s up to organizations to implement the type of cyber-security that is appropriate and proportionate and it’s recognized that there are more teeth required by regulators to enforce this”.
Surprising DarkSide posted an apology on their darknet website, referencing “Today’s News”, they said that “Our goal is to make money and not creating problems for society. From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future”. They have even previously announced that they would donate some of the extortion money to charity.
Hackers must think they’re real life Robin Hoods.