The recent cyberattack on the Colonial pipeline has again drawn attention to state of readiness of critical US infrastructure, and the potential vulnerabilities to hostile states and criminal organizations. Struck by malware, the company controlling the pipeline delivering fuel to the East coast was forced to shut it down, out of concerns over both billing and the possibility that the infection could expand to the pipeline’s operating system, according to multiple news sources, including The New York Times.
Instead of being prepared for the attack, Colonial found that the pipeline operating and data systems were not as isolated as thought, reports an article in Forbes. Colonial has since attempted to follow best practices for business continuity, with their public statements indicating efforts being made to keep the public informed, and bring in outside experts to both identify and isolate the issues and assist in recovery.
“Colonial and the authorities bit the bullet and shut down the rest of Colonial’s pipeline systems not affected by the first attack. This preemptive action took control from the terrorists and mitigated the long term affects, the intimidation and leverage the terrorists hoped for,” Says Scott Sobel, senior vice president for crisis and litigation communications for kglobal, told Forbes about the efforts by Colonial.
Source:
https://www.nytimes.com/2021/05/14/us/politics/pipeline-hack.html
