This is a free excerpt from one of Shortform’s Articles. We give you all the important information you need to know about current events and more.
Don't miss out on the whole story. Sign up for a free trial here .
What was the Colonial Pipeline attack? Why did this attack threaten society?
The ransomware attack on Colonial Pipeline shut down fuel delivery to the East Coast in the summer of 2021. This attack exposed a growing cybersecurity threat to U.S. firms and organizations—and to energy companies in particular.
Keep reading to learn about the Colonial Pipeline attack and its consequences for society.
What Was the Colonial Pipeline Attack?
Last year, a cybercriminal group hacked into the computer network of Colonial Pipeline, which is the supplier of 45% of the fuel on the East Coast from Texas to the New York Harbor, and installed ransomware demanding 75 Bitcoins (approximately $5 million at the time). After the Colonial Pipeline attack, the company was forced to close its 5,500-mile pipeline for the better part of a week out of concerns that the group may have infiltrated its operational network, which would allow it to disable equipment and create hazardous conditions.
This was only the most public of many such recent attacks on the energy sector, which is proving to be an increasingly frequent target for ransomware. In 2019, the sector was the ninth-most attacked industry; in 2020, it was the third-most.
Unique Threats to Society
As the Colonial Pipeline incident illustrated, attacks on the energy sector pose threats to the country as a whole because the industry has physical infrastructure that underpins so much economic activity. The problem will increase as the world moves toward electricity and away from combustion, as an attack on an electric grid or power system will affect more people. And as far-flung power systems become more integrated, an attack on one system spells trouble for all. These dangers are growing because ransomware groups that have, up to now, primarily targeted the business network of energy companies, are increasingly aiming at their operations networks in order to purposefully disrupt their victims’ functionality.
Unique Threats to Energy Firms
This is partly because the sector is riddled with vulnerabilities. The US has around 2.5 million miles of pipelines outfitted with hundreds of thousands of sensors and valves, each of which is a potential security risk. Further, many firms’ operational networks predate the internet and have older, less-secure protocols. For years, they assumed their networks would be safe if they didn’t connect them to the internet, but they’re starting to connect them now and are running into security problems. (Even keeping them offline is no defense, though, as hackers have figured out how to access them through networked systems anyway.)
The Colonial Pipeline attack also reflects the changing nature of ransomware. Ransomware originally targeted personal computers and asked for small sums, but today it seeks out large ransoms from organizations with deep pockets and sensitive operations—companies that would be more likely to pay a ransom than to disrupt their business. The energy sector is an attractive target.
Want to fast-track your learning? With Shortform, you’ll gain insights you won't find anywhere else .
Here's what you’ll get when you sign up for Shortform :
- Complicated ideas explained in simple and concise ways
- Smart analysis that connects what you’re reading to other key concepts
- Writing with zero fluff because we know how important your time is