The Colonial Pipeline Attack Exposed Untold Threats

What was the Colonial Pipeline attack? Why did this attack threaten society?

The ransomware attack on Colonial Pipeline shut down fuel delivery to the East Coast in the summer of 2021. This attack exposed a growing cybersecurity threat to U.S. firms and organizations—and to energy companies in particular.

Keep reading to learn about the Colonial Pipeline attack and its consequences for society.

What Was the Colonial Pipeline Attack?

Last year, a cybercriminal group hacked into the computer network of Colonial Pipeline, which is the supplier of 45% of the fuel on the East Coast from Texas to the New York Harbor, and installed ransomware demanding 75 Bitcoins (approximately $5 million at the time). After the Colonial Pipeline attack, the company was forced to close its 5,500-mile pipeline for the better part of a week out of concerns that the group may have infiltrated its operational network, which would allow it to disable equipment and create hazardous conditions.  

This was only the most public of many such recent attacks on the energy sector, which is proving to be an increasingly frequent target for ransomware. In 2019, the sector was the ninth-most attacked industry; in 2020, it was the third-most. 

Unique Threats to Society

As the Colonial Pipeline incident illustrated, attacks on the energy sector pose threats to the country as a whole because the industry has physical infrastructure that underpins so much economic activity. The problem will increase as the world moves toward electricity and away from combustion, as an attack on an electric grid or power system will affect more people. And as far-flung power systems become more integrated, an attack on one system spells trouble for all. These dangers are growing because ransomware groups that have, up to now, primarily targeted the business network of energy companies, are increasingly aiming at their operations networks in order to purposefully disrupt their victims’ functionality.

Unique Threats to Energy Firms

This is partly because the sector is riddled with vulnerabilities. The US has around 2.5 million miles of pipelines outfitted with hundreds of thousands of sensors and valves, each of which is a potential security risk. Further, many firms’ operational networks predate the internet and have older, less-secure protocols. For years, they assumed their networks would be safe if they didn’t connect them to the internet, but they’re starting to connect them now and are running into security problems. (Even keeping them offline is no defense, though, as hackers have figured out how to access them through networked systems anyway.)

The Colonial Pipeline attack also reflects the changing nature of ransomware. Ransomware originally targeted personal computers and asked for small sums, but today it seeks out large ransoms from organizations with deep pockets and sensitive operations—companies that would be more likely to pay a ransom than to disrupt their business. The energy sector is an attractive target. 

The Colonial Pipeline Attack Exposed Untold Threats

Emily Kitazawa

Emily found her love of reading and writing at a young age, learning to enjoy these activities thanks to being taught them by her mom—Goodnight Moon will forever be a favorite. As a young adult, Emily graduated with her English degree, specializing in Creative Writing and TEFL (Teaching English as a Foreign Language), from the University of Central Florida. She later earned her master’s degree in Higher Education from Pennsylvania State University. Emily loves reading fiction, especially modern Japanese, historical, crime, and philosophical fiction. Her personal writing is inspired by observations of people and nature.

Leave a Reply

Your email address will not be published.