Guest essay by Eric Worrall

Climate activists in New York and other East Coast cities may have an opportunity to live their dream of life without fossil fuel, as operators of the Colonial pipeline struggle to fix damage from a cyber attack which shut down the pipeline on May 7th.

US declares emergency after ransomware shuts oil pipeline that pumps 100 million gallons a day

Oil transport by road allowed after Colonial Pipeline goes down, operator says recovery is under way but offers no recovery date

Simon Sharwood, APAC Editor 
Mon 10 May 2021 // 00:15 UTC

One of the USA’s largest oil pipelines has been shut by ransomware, leading the nation’s Federal Motor Carrier Safety Administration to issue a regional emergency declaration permitting the transport of fuel by road.

The Colonial Pipeline says it carries 100 million gallons a day of refined fuels between Houston, Texas, and New York Harbor, or 45 percent of all fuel needed on the USA’s East Coast. The pipeline carries fuel for cars and trucks, jet fuel, and heating oil.

It’s been offline since May 7th, according to a company statement, due to what the outfit described as “… a cybersecurity attack [that] involves ransomware.”

It added: “In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.”

Read more:

As a software expert, my first thought is someone who allows the connection of mission critical control systems to the internet should probably consider a different career. But perhaps I am being unfair. Even the most carefully isolated systems can be undone, if a careless employee or contractor connects their infected laptop to an internal network.

Update (EW): According to the BBC, the authors of the Colonial pipeline ransomware attack have denied their motivation was terrorism, though the BBC claims the software is set up to avoid infecting systems where the language setting is Russian.

“Our goal is to make money and not creating problems for society. … We do not participate in geopolitics, do not need to tie us with a defined government and look for… our motives … From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”.

Can’t help thinking whatever their professed motivation, they are going to receive a personal visit from some scary people in the near future. The apparent Russian connection is embarrassing for President Putin, and they hurt the USA.

Do not try to view the Darkside website to see the statement from the criminals first hand – boobytrapping web pages is an old hacker trick.

via Watts Up With That?

May 10, 2021