The largest oil pipeline network in the US resumes its activity after the cyberattack
Colonial, the company that operates the largest oil pipeline network in the United States, announced on Wednesday the resumption of its operations, after the cyberattack suffered last Friday.
The company, which offers supply to 45% of the US east coast market, reported in a statement on its website that it will take several days for the supply chain to return to normal.. For this reason, it warned that some markets to which it offers service may suffer or continue to suffer interruptions during the initial period.
Even so, he assured that he will try to move gasoline, diesel and jet fuel “as safely as possible” and that he will continue to do so until the return to normality.. In this sense, he stressed that his priority will be security, and to this end he will carry out evaluations of this type in the pipeline network during the initial period.
The network transports up to 2.5 million barrels of gasoline, diesel and jet fuel per day from refineries in the Gulf of Mexico to the southern and eastern United States.. This infrastructure was attacked with “ransomware,” a program that blocks access to information in exchange for paying a bounty to free it, by the Darkside hacking group, according to the FBI.
The shortage of supplies had worsened this Wednesday in the US. by the interruption of Colonial's activities and panic had broken out among consumers. The media showed long lines of vehicles at service stations in many parts of the country.
According to the specialized portal GasBuddy, this Wednesday there were fuel shortages at gas stations in Georgia, Alabama, Tennessee, North Carolina, South Carolina, Florida, Virginia, Maryland, Mississippi, West Virginia, Kentucky and even the District of Columbia, where is Washington DC, among others.
The Washington Post had revealed that Colonial had no plans to pay a ransom and was working with a cybersecurity firm to restore data from its backup systems.
Biden signs an order on cybersecurity after the attack
The president of the United States, Joe Biden, signed an executive order on Wednesday to strengthen cybersecurity after the attack. The executive order is aimed primarily at the private sector with the imposition of strict new standards for any software that the federal government acquires.
Vendors that do not comply with these new requirements within 6 months will be excluded from government software purchases, which may result in loss of business.
The Government hopes that these new standards, which will be detailed by the Department of Commerce, will also be adopted by the private sector, since part of the cyberattacks, such as this last one against Colonial, are directed at companies that are not publicly owned.
“The incident with Colonial is a reminder that federal action alone is not enough,” a government official said in a call with reporters on condition of anonymity.
The official warned that public and private sector entities in the United States are “very vulnerable to sophisticated, constant and malicious attacks” and acknowledged that security breaches will continue to occur.. “We simply cannot allow 'wait for the next incident' to be the status quo under which we operate,” the official said.. “The cost – he added – of continuing with the status quo is simply unacceptable.”
The executive order also creates a board to investigate incidents that will include the Department of Homeland Security, the Department of Justice, the Pentagon and the private sector.
The first incident that this board will review is the massive cyberattack against government systems and large US companies through the SolarWinds program, for which Washington blames Russia.. In fact, although the order was signed in the middle of an attack against the pipeline network, the text was prepared after the cyberattack with SolarWinds, according to the Executive.
“In the aftermath of the SolarWinds incident, we are faced with the harsh reality that some of the most basic cybersecurity prevention and response measures have not been consistently implemented across federal agencies,” the official said.
The order also focuses on transparency and information sharing by forcing software service providers to immediately notify the government of any cyberattacks they detect.. “Federal agencies can’t defend themselves against what they don’t see,” he argued.
<p