Colonial Pipeline attack exposes ransomware “pandemic”

The ransomware attack that shut down the entire network of US fuel pipeline operator Colonial Pipeline - the source of nearly half of the US East Coast’s fuel supply - has been described as one of the most disruptive digital ransom operations ever reported.

President Biden was notified of the attack on Friday and the FBI has confirmed that a relatively new ransomware group, known as DarkSide, is responsible for the incident.

In total, the network shutdown has affected 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast. 

Former CISA director Chris Krebs took to Twitter on Saturday to declare that as these types of ransomware attacks have gotten out of control, more comprehensive approaches are needed. He said ransomware was fast becoming a “global pandemic”.

”Coming out of a ransomware weekend, every CEO should convene the senior leader team and review security, incident response plan and business continuity plan (how long to restore backups? We do have backups? What do we do in the meantime?),” he tweeted.

In a statement, the CISA said: ”We are aware of the Colonial Pipeline ransomware incident. We are engaged with Colonial and our interagency partners regarding the situation.”

“This underscores the threat that ransomware poses to organisations regardless of size or sector. We encourage every organisation to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”

Be prepared

Brooke Cooper, principal solutions manager, Third Party Risk Management at Fusion Risk Management says the current crisis points to how crucial is a reminder of the need for robust contingency planning.

“One vital aspect that is often overlooked when it comes to attacks on critical infrastructure and the catastrophic situation they cause is operational resilience. As we see with the current issue with the Colonial Pipeline Company, preparedness and backup plans must be built in to every facet of third party management.

”The closure of the pipeline demonstrates that resilience is not just about a product, but the entire reliance on an infrastructure of stability and reliability. Preparedness involves considering what other alternatives or resources are at your disposal.” 

“Always consider back-up alternatives. For example, what did we learn from the ship grounding in the Suez, which backed up all manners of business for weeks and forced costly re-routing? Single points of failure can and will happen. We must reflect on them and imagine how to do things differently. What are the alternatives and the costs? Then document, plan and test.

“Failure is not an option and the reliance on items whether that’s a chip or a major energy pipeline demonstrates the critical business value of preparedness.

”The necessity of testing and executing plans has been especially highlighted with recent events including the global chip shortage, the Suez incident and now the shutdown by The Colonial Pipeline Company. While they show the fragility of delivery systems, they also prove which companies are the most forward-thinking and prepared.”