
Pipeline Attack Reveals Weaknesses in U.S. Cybersecurity

by ThinkCivics Newswire
May 17, 2021

For years, government officials and industry executives have run elaborate simulations of a targeted cyberattack on the power grid or gas pipelines in the United States, imagining how the country would respond.

But when the real, this-is-not-a-drill moment arrived, it didn’t look anything like the war games.

The attacker was not a terror group or a hostile state like Russia, China or Iran, as had been assumed in the simulations. It was a criminal extortion ring. The goal was not to disrupt the economy by taking a pipeline offline but to hold corporate data for ransom.

The most visible effects — long lines of nervous motorists at gas stations — stemmed not from a government response but from a decision by the victim, Colonial Pipeline, which controls nearly half the gasoline, jet fuel and diesel flowing along the East Coast, to turn off the spigot. It did so out of concern that the malware that had infected its back-office functions could make it difficult to bill for fuel delivered along the pipeline or even spread into the pipeline’s operating system.

What happened next was a vivid example of the difference between tabletop simulations and the cascade of consequences that can follow even a relatively unsophisticated attack. The aftereffects of the episode are still playing out, but some of the lessons are already clear, and demonstrate how far the government and private industry have to go in preventing and dealing with cyberattacks and in creating rapid backup systems for when critical infrastructure goes down.

In this case, the long-held belief that the pipeline’s operations were totally isolated from the data systems that were locked up by DarkSide, a ransomware gang believed to be operating out of Russia, turned out to be false. And the company’s decision to turn off the pipeline touched off a series of dominoes including panic buying at the pumps and a quiet fear inside the government that the damage could spread quickly.

A confidential assessment prepared by the Energy and Homeland Security Departments found that the country could only afford another three to five days with the Colonial pipeline shut down before buses and other mass transit would have to limit operations because of a lack of diesel fuel. Chemical factories and refinery operations would also shut down because there would be no way to distribute what they produced, the report said.

And while President Biden’s aides announced efforts to find alternative ways to haul gasoline and jet fuel up the East Coast, none were immediately in place. There was a shortage of truck drivers, and of tanker cars for trains.

“Every fragility was exposed,” said Dmitri Alperovitch, a co-founder of CrowdStrike, a cybersecurity firm, and now chairman of the think tank Silverado Policy Accelerator. “We learned a lot about what could go wrong. Unfortunately, so did our adversaries.”

The list of lessons is long. Colonial, a private company, may have thought it had an impermeable wall of protections, but it was easily breached. Even after it paid the extortionists nearly $5 million in digital currency to recover its data, the company found that the process of decrypting its data and turning the pipeline back on again was agonizingly slow, meaning it will still be days before the East Coast gets back to normal.

“This is not like flicking on a light switch,” Mr. Biden said Thursday, noting that the 5,500-mile pipeline had never before been shut down.

For the administration, the event proved a perilous week in crisis management. Mr. Biden told aides, one recalled, that nothing could wreak political damage faster than television images of gas lines and rising prices, with the inevitable comparison to Jimmy Carter’s worst moments as president.

Mr. Biden feared that, unless the pipeline resumed operations, panic receded and price gouging was nipped in the bud, the situation would feed concerns that the economic recovery is still fragile and that inflation is rising.

Beyond the flurry of actions to get oil moving on trucks, trains and ships, Mr. Biden published a long-gestating executive order that, for the first time, seeks to mandate changes in cybersecurity.

And he suggested that he was willing to take steps that the Obama administration hesitated to take during the 2016 election hacks — direct action to strike back at the attackers.

“We’re also going to pursue a measure to disrupt their ability to operate,” Mr. Biden said, a line that seemed to hint that United States Cyber Command, the military’s cyberwarfare force, was being authorized to kick DarkSide off line, much as it did to another ransomware group in the fall ahead of the presidential election.

Hours later, the group’s internet sites went dark. By early Friday, DarkSide, and several other ransomware groups, including Babuk, which has hacked Washington D.C.’s police department, announced they were getting out of the game.

DarkSide alluded to disruptive action by an unspecified law enforcement agency, though it was not clear if that was the result of U.S. action or pressure from Russia ahead of Mr. Biden’s expected summit with President Vladimir V. Putin. And going quiet might simply have reflected a decision by the ransomware gang to frustrate retaliation efforts by shutting down its operations, perhaps temporarily.

The Pentagon’s Cyber Command referred questions to the National Security Council, which declined to comment.

The episode underscored the emergence of a new “blended threat,” one that may come from cybercriminals, but is often tolerated, and sometimes encouraged, by a nation that sees the attacks as serving its interests. That is why Mr. Biden singled out Russia — not as the culprit, but as the nation that harbors more ransomware groups than any other country.

“We do not believe the Russian government was involved in this attack, but we do have strong reason to believe the criminals who did this attack are living in Russia,” Mr. Biden said. “We have been in direct communication with Moscow about the imperative for responsible countries to take action against these ransomware networks.”

With DarkSide’s systems down, it is unclear how Mr. Biden’s administration would retaliate further, beyond possible indictments and sanctions, which have not deterred Russian cybercriminals before. Striking back with a cyberattack also carries its own risks of escalation.

The administration also has to reckon with the fact that so much of America’s critical infrastructure is owned and operated by the private sector and remains ripe for attack.

“This attack has exposed just how poor our resilience is,” said Kiersten E. Todt, the managing director of the nonprofit Cyber Readiness Institute. “We are overthinking the threat, when we’re still not doing the bare basics to secure our critical infrastructure.”

The good news, some officials said, was that Americans got a wake-up call. Congress came face-to-face with the reality that the federal government lacks the authority to require the companies that control more than 80 percent of the nation’s critical infrastructure to adopt minimal levels of cybersecurity.

The bad news, they said, was that American adversaries — not only superpowers but terrorists and cybercriminals — learned just how little it takes to incite chaos across a large part of the country, even if they do not break into the core of the electric grid, or the operational control systems that move gasoline, water and propane around the country.

Something as basic as a well-designed ransomware attack may easily do the trick, while offering plausible deniability to states like Russia, China and Iran that often tap outsiders for sensitive cyberoperations.

It remains a mystery how DarkSide first broke into Colonial’s business network. The privately held company has said virtually nothing about how the attack unfolded, at least in public. It waited four days before having any substantive discussions with the administration, an eternity during a cyberattack.

Cybersecurity experts also note that Colonial Pipeline would never have had to shut down its pipeline if it had more confidence in the separation between its business network and pipeline operations.

“There should absolutely be separation between data management and the actual operational technology,” Ms. Todt said. “Not doing the basics is frankly inexcusable for a company that carries 45 percent of gas to the East Coast.”

Other pipeline operators in the United States deploy advanced firewalls between their data and their operations that allow data to flow in only one direction, out of the pipeline, and would prevent a ransomware attack from spreading in.

Colonial Pipeline has not said whether it deployed that level of security on its pipeline. According to industry analysts, many critical infrastructure operators say installing such unidirectional gateways along a 5,500-mile pipeline can be complicated or prohibitively expensive. Others say the cost of deploying those safeguards is still lower than the losses from potential downtime.

Deterring ransomware criminals, who have been growing in number and brazenness over the past few years, will certainly be more difficult than deterring nations. But this week made the urgency clear.

“It’s all fun and games when we are stealing each other’s money,” said Sue Gordon, a former principal deputy director of national intelligence and a longtime C.I.A. analyst with a specialty in cyberissues, at a conference held by The Cipher Brief, an online intelligence newsletter. “When we are messing with a society’s ability to operate, we can’t tolerate it.”

This article was originally published by NY Times.
