Colonial Pipeline taken down by ransomware
One of the world’s largest fuel pipeline operators, US-based Colonial Pipeline Company, has been forced to shut down its pipeline operations in response to a ransomware campaign that experts believe could be one of the world’s most damaging.
Colonial Pipeline Company learned it was a victim of a ransomware attack on Friday, and responded by taking certain systems offline to contain the threat, the company said in a statement.
These actions temporarily halted all pipeline operations across the US. Colonial Pipeline said it has started the process of restoring its pipelines, and while its mainlines remain out of commission, some smaller lateral lines between terminals and delivery points are now operational.
The company has engaged a third-party cybersecurity firm to investigate the nature and scope of the ongoing attack.
Illumio CEO Andrew Rubin said the event could prove to be “the most impactful ransomware attack in history, a cyber disaster turning into a real-world catastrophe”.
He said such ransomware attacks are a recurring nightmare for organisations. “Organisations continue to rely and invest entirely on detection as if they can stop all breaches from happening,” he said.
Meanwhile, Claroty Chief Product Officer Grant Geyer said the incident will be only a teaser of the future of cyber attacks.
“As cybercriminals and foreign adversaries seek opportunities for financial gain and power projection, critical infrastructure is an easy target,” he said.
“Industrial environments are operating with infrastructure that commonly maintains obsolete technology that can’t be patched, and staff that frequently are not as cyber savvy as they need to be to keep attackers at bay. This leads to a situation where cybersecurity risk levels are below acceptable tolerances, and in some cases organisations are blind to the risk.”
Half of government agencies falling short on email security measures: report
Lack of consistency across Australian Government bodies leaves critical vulnerabilities in the...
CISA and Microsoft warn of “active attacks” on SharePoint
Alerts have been published active attacks exploiting a remote code execution vulnerability in...
NSW Government agencies have ineffective cybersecurity controls: report
The Audit Office of New South Wales has found that NSW Government agencies still have minimal...