Since it is privately owned, Colonial is under less pressure than a publicly traded company would be likely to be subjected to to reveal details. But as the custodian of much of the nation’s cyber infrastructure, the company is obligated to undergo scrutiny over the quality of safeguards and its transparency of how it responded to the attack.
People familiar with the investigation said that although Colonel insisted she knew about the attack on Friday, it appeared that events unfolded over several days. It hired private cybersecurity company FireEye, which responded Sony Pictures Entertainment hackViolations of energy facilities in the Middle East and many events in which the federal government is involved.
Minimizing pipeline operations to protect against wider and more harmful infiltration is somewhat standard practice. In this case, however, the question was left of whether the attackers themselves now had the ability to directly turn on or off pipelines or trigger operations that could cause an accident.
The ransomware attack is the second known incident of its kind targeting a pipeline operator. Last year, the Cybersecurity and Infrastructure Security Agency reported a ransomware attack on a pipeline operator’s natural gas compression facility. This caused the facility to close for two days, although the agency did not disclose the name of the company.
Cybersecurity experts say the emergence of automated attack and ransom tools in cryptocurrencies, making it difficult to track down perpetrators, has exacerbated these attacks.
“We’ve seen ransomware start to hit easy targets like hospitals and municipalities, where losing access has real-world consequences and makes victims more likely to pay,” said Ulf Lindqvist, a director at SRI International who specializes in industrial system threats. “We are talking about the risk of injury or death, not just losing your email.”
Colonial Pipeline, based in Alpharetta, Ga. , Is owned by several US and foreign companies and investment firms, including Coach Industries and Royal Dutch Shell. The pipeline connects Houston and the Port of New York and New Jersey, and also provides jet fuel to major airports, including those in the Atlanta and Washington DC area.