Colonial Pipeline Hack

Pipeline hack exposes infrastructure security weak points

Friday news is bad for this newsletter, because we can’t include it until six days later. It’s especially unwelcome when that news is negative. It’s decidedly morale-crushing when it has a direct effect on our readers, such as the May 7 hack on the Colonial Pipeline that occurred last week and is currently stifling the energy sector and everyday drivers. Here’s an update on the situation, better late than never.

The White House spoke on the incident today (Editor’s note: I guess we’re not the only ones playing catch-up here), urging calm. This came, in part, in response to frantic stockpiling of gasoline occurring in the South and other affected areas, perhaps best captured here by Buzzfeed’s photo array. When in doubt, look to Twitter to encapsulate American chaos.

18 Chaotic Gas Shortage Pictures (buzzfeed.com)

The Colonial hack is just the most recent example of infrastructure security’s weak spots. Here are some major examples of cyberattacks on infrastructure targets in the last three years alone.

Mitsubishi Electric Corporation, one of Japan’s biggest defense and infrastructure contractors, confirmed in late 2020 it was victim of a hack that divulged sensitive information in those realms—by way of an employee’s compromised account, no less— in the summer of 2019. The Tokyo-based electrical corporation says it believes the attack was orchestrated by Chinese-linked cyber-espionage group Tick, or Bronze Butler.

In March 2018, the U.S. Department of Justice said members of the Mabna Institute, a Tehran-based company, stole more than 31 terabytes of data and intellectual property from universities, as well as “email accounts of employees at private sector companies, government agencies, and non-governmental organizations.”

In the U.S., that hacking affected more than 140 universities, 30 companies and five government agencies, the Deputy Attorney General at the time, Rod Rosenstein, said. “For many of these intrusions, the defendants acted at the behest of the Iranian government and, specifically, the Iranian Revolutionary Guard Corps.”

Pipeline industry leaders Oneok, Energy Transfer Partners, Boardwalk Pipeline Partners, and Eastern Shore Natural Gas, a Chesapeake Utilities subsidiary, all reported communications system interruptions stemming from the 2018 incident. CNBC reported at the time that the attack’s likely target was Latitude Technologies, a Texas-based provider of electronic data-sharing between pipeline companies and their gas producer and utility customers.

U.S. Blames Criminal Group in Colonial Pipeline Hack – WSJ

No comments yet... Be the first to leave a reply!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: