Pipeline Supplying The Southeast Shut Down After Ransomware Attack – IOTW Report

AP

The federal government is working with the Georgia-based company that shut down a major pipeline transporting fuel across the East Coast after a ransomware attack, the White House says.

The government is planning for various scenarios and working with state and local authorities on measures to mitigate any potential supply issues, officials said Saturday. The attack is unlikely to affect gasoline supply and prices unless it leads to a prolonged shutdown, experts said.

28 Comments on Pipeline Supplying The Southeast Shut Down After Ransomware Attack

  1. Does anyone think that the federal government is really going to help? I think they relish the thought of the pipeline shut down so even if they were smart enough to do anything, I don’t think they want to.

    9
  2. Cyberextortion or global warming?

    Iranian hackers have also been aggressive in trying to gain access – Slow Joe gave them a key.
    “Come On Man” what could go wrong?

    4
  3. Stoopid cvnts.
    Stoopid stoopid cvnts.
    I remember the switch from slide rules to electronic calculators.
    Let’s just party like it’s 1999 and the Y2K bug is looming.
    Cvnts.

    4
  4. Great to hear all the stupid shit posted on here about this.

    These systems are behind hardware firewalls, they aren’t part of the internet we all use.

    This wasn’t kids in mom’s basement that did this. My day job is the natural gas pipeline counterpart to the product pipeline that Colonial operates.

    This is serious. Like, we should just shoot the people that did this in the head and let that word travel among their friends that have similar capabilities. Not on the news, just some dead bodies in that office. That is how you put the brakes on this shit.

    12
  5. …my food plant, which also does military, got hit with one of these on our SCADA system for the majority of our process vessels, apparently because someone on second shift was bored and wanted to see naked women, and my R&D people got pissy about being able to remote it so I got overruled on keeping an air gap firewall.

    Well, our IT department set up the Internet facing port and the rack storage away from the system, but didn’t take that avenue into account, and also didn’t realize that this PARTICULAR attack would follow mapped drives and encrypt THEM, too.

    …so I came in that morning and had most of our retorts down because the night guys didn’t know what to do. The R&D chief, God rest his soul, did what HE could, but really didn’t get past establishing that the files we couldn’t get to had been given a .EVIL extension, and were inaccessible.

    …well, I learned a long time ago that IT doesn’t understand tool computers, so I had a backup system that I had preloaded with the essentials and only needed linked to the printers and such, so I got spun up in about a half hour including preliminary testing and, obviously, NOT linking to the corrupt backup AND not hooking the Ethernet facing side up.

    …anyway, we could run, but lost all the electronic process records we promised the Gubbmint we’d keep. Again, being the trusting soul I am, I kept my own OFFLINE backups but had dropped to every month, so it was good that the R&D guy kept some too and we were able to reconstruct and still had the printed records and chart recordings to satisfy.

    …it was NEVER an option to PAY for decryption. You’re dealing with the SAME criminals that raped your system in the FIRST place, and you’re going to trust THEM with sending them money blindly AND download something ELSE they provide onto your sensitive systems?!? I don’t THINK SO, Tim!

    …so lesson learned, I keep my own weekly backups and the Internet is UNPLUGGED from the system, AND the USB drives disabled just in case someone gets stupid with a memory stick. But the Company keeps trying to expose the system for convenience, and I have to keep reminding them that’s more convenient for hackers, too.

    They’re out there, ALL the time. I could go over a BUNCH of other attacks I’ve been through, but the ONLY common protection is to control INTERNAL access to a select few, monitor THOSE closely, AND NO DAMN INTERNET ACCESS EVER!

    …otherwise, expect more of THIS, in every economic sector, always…

    5
  6. Whitmer’s planning on shutting one down in MI this coming week. She says it’s an environmental disaster waiting to happen but I’m guessing she’s demanding that Enbridge support her reelection campaign. That’s a nice pipeline you’ve got there, it’d be a shame if somebody shut it down…

    2
  7. @Fred Hedgecoth: I remember those days very well. I hated that bastard Carter for ruining my life for 4 years. The gas lines and inflation did us in financially. Those were the hardest years of my life, and I do not forget. That bastard is still breathing!

    4
  8. @ǝpɐɥsʇɥɓᴉuɹǝdnS – Similar background with SCADA systems then moved into an overall integration position for a grassroots, computer integrated manufacturing facility. My battle was with corporate wanting easy access into the plant’s systems so they could see what was going on with their new toy. I was an outside consultant but, as you could imagine, the new plant manager absolutely did not want corporate peering behind the curtains at any time and used security concerns to block the request. We won the battle short term but I’m sure the war continues. And sooner or later corporate’s HQ will win and the systems will be exposed to the world.

    3
  9. Cherrybark
    MAY 9, 2021 AT 7:04 PM

    …I got around that by providing a Vorne productivity display system that I have segregated logic areas in the floor PLUS reporting to, so the only thing accessible over the Internet is the Vorne device itself, and it’s just operating off discrete I/O from field boxes so there’s NO avenue to hack critical systems but they STILL get real time Production and down time info to harp about, so everyone seems happy with that, at least for now…

    1
  10. Just imagine what would happen if this was a PWR at a nuke plant SCADA, that got hacked into. That’s why there should NEVER be remote internet access to systems like this. Also why these companies have 24/7 staff, somebody dropped the ball.

    2
  11. I’ve read that the feds are “helping”. The first step was probably to go through the employment rolls to verify that there was the proper level of diversity. Second was to get OSHA and all other relevant federal agencies involved to make certain that all regulations were being followed and documented properly.

    A lot of important things would need to be done before the actual problem can be intensified by the incompetence of the people the feds have sent to “help”. Of course covering their tracks and the blame game will soak up a lot of time too.

    3
  12. I say this was a state sponsored attack (Iran or CCP). The media and government will cover it up because if it got out, pedo joe would have to do something about it. None of the people actually running the country intend to do anything about it because they are the CCP’s and Iran’s punks (even if they actually had a clue about how to react to an attack like this)

    2
