Major US infrastructure continues to have computer vulnerabilities, and in many cases managers do not understand the risks they are exposed to, even though a year has passed since the cyber attack that forced the country’s largest network of oil pipelines to halt its operations.
The attack on Colonial’s network – one of the largest hacks in the country’s history – has raised cybersecurity concerns among executives and lawmakers, highlighted system weaknesses and encouraged cybercriminals to be bolder and more ambitious in their operations.
The group of attackers achieved their goal, which was for the ransom to be paid. If companies continue to pay, cybercrime will become more common, said Marty Edwards, former director of the US Industrial Control System Cyber Emergency Response Team (ICS-CERT), in an interview with EFE.
Edwards, who stopped working with the US government in 2017 and is now vice president of operational technology security at Tenable, explained that the fear within the infrastructure sector itself is that not enough is being done and that it is not being done fast enough.
On May 6, 2021, a group of hackers known as DarkSide used a password that an employee had reused to break into Colonial’s servers, steal up to 100 gigabytes of data, and launch a “malware” attack against the company the next day.
Due to uncertainty about the scale of the attack and to prevent further damage, Colonial officials decided to completely shut down operations of the pipeline, which transports 378.5 million liters of fuel per day in the southeastern region of the United States. The hackers demanded $4.4 million in bitcoin to unlock the system, which the company paid under the supervision of the FBI, although about half of that money was later recovered.
Edwards used the example of password reuse in the case of Colonial, which was what gave hackers access.
For the cybersecurity expert, it is important that infrastructure companies partition their computer systems – that is, separate them from one another – in a fast and even automated way to isolate the different components in the event of a cyber attack.
These are costly strategies to maintain, especially for a large company, which is why Edwards is betting on implementing them “the smart way.”
In addition to pipelines like Colonial, other major infrastructures vulnerable to cyber attacks with catastrophic real-world consequences include the power grid, water treatment systems, and food processing plants.
Edwards also added the transportation sector to this group. It is not usually considered when thinking about cyber attacks, but in countries with a large network of high-speed trains, such as Spain, France, China or Japan, the transportation sector is very weak.