The silver lining of the DarkSide attack on the Colonial Pipeline

Spread the love
8323394 – road in field and storm clouds

All of a sudden folks searching for gasoline on our Eastern Seaboard, as a result of the temporary shutdown of the 5500 mile long Colonial Pipeline, became familiar with the word CyberSecurity. That pipeline normally carries 100 million gallons of refined fuels each day between Houston, Texas and New York Harbor. That is 45% of fuel required on the East Coast.

In our nation today, computers, rather than people direct our daily needs. A small sample would include our transportation, energy, water and food supplies, chemical delivery, communications and manufacturing and of course shopping on the internet and the internet itself. Soldiers don’t standby to protect them. CyberSecurity systems do and in the United States they are sorely wanting.

CyberSecurity is the ART of protecting networks, devices and data from unauthorized access or criminal use. In the Colonial case the FBI learned that the culprit was a criminal hacker gang in Russia calling themselves DarkSide. They re-encrypted Colonials software shutting its pipeline down on or about May 7. Within days it requested was paid 5 million dollars ransom to un-encrypt the software to get the pipeline back in operation.

That is just one form of disruption. Entire systems can be eliminated, files can be altered, credit cards can be stolen and purchases made. The worst however can be the disruption of a nations entire defense system.

If, as many believe, Biden’s reaction to the shutdown was underwhelming it would seem unsurprising. His goal is to achieve 100% carbon free energy by 2035. California is his role model, where brownouts and rolling blackouts are no longer out of the ordinary.

In recent years serious Malware attacks, meaning malicious software, crippled Mumbai, India’s power system, and Israel’s as well. These incidents support many previous predictions that attacks on critical infrastructure have the potential for enormous societal harm. They have largely been ignored till now. The International Data Corporation predicts spending on CyberSecurity solutions across the globe will exceed $133 billion within two years. The US just established a Ransomeware and Digital Extortion Task Force. Hopefully it will address the absurd management of CyberSecurity at the Department of Defense (DoD).

Over 80% of DoD’s information is unclassified. By their rules if it is not classified it is not subject to be encrypted.

It may be hard to believe but much information relating to technology and weapon systems is not classified. If you think that much may not be vital to national security lets look at the new F-35 fighter plane. It is destined to replace most of the Air Force’s tactical weapons. If you have not heard yet I am here to tell you that the Chinese stole most of the plans and data for this stealth plane. It was unclassified and not encrypted and will cost American taxpayers well over a trillion dollars before it is replaced.

But wait, there is more, the military and other government agencies continue to buy considerable amounts of computer and network equipment from China that is eventually used in our security systems. We might believe that Biden’s relationship with China makes this understandable but it went on while Trump was in office too.

DoD has no system in place to even check for malware in the equipment they buy so it is doubtful any of the government does. The Colonial pipeline brings to light another threat of the ransomware. It cost them $5million and the East Coast a very hard time but It could also cost them the theft of important information which would allow for future disruption.

Stephen Bryan, an expert on CyberSecurity, writing in the May 19/25, 2021 issue of Epoch Times suggested five ways to help avoid the next CyberSecurity disaster.

1- Put in place a national program to create secure networks that use hardware built by secure vendors.

2- Require all critical infrastructure networks to be vetted by a third party audit for security under the aegis of the National Security Agency (NSA).

3- Vet all hardware before it is used by the US Government or critical infrastructure components.

4- Go after malefactors, domestic or foreign, and impose stiff penalties on perpetrators.

5- Make it clear to foreign governments that if they sponsor or shelter criminal operations they will find their networks destroyed.

I personally believe this time around a word or many words to the wise will actually be sufficient.


June 12, 2021