Guest essay by Eric Worrall
Climate activists in New York and other East Coast cities may have an opportunity to live their dream of life without fossil fuel, as operators of the Colonial pipeline struggle to fix damage from a cyber attack which shut down the pipeline on May 7th.
US declares emergency after ransomware shuts oil pipeline that pumps 100 million gallons a day
Oil transport by road allowed after Colonial Pipeline goes down, operator says recovery is under way but offers no recovery date
Simon Sharwood, APAC Editor
Mon 10 May 2021 // 00:15 UTC
One of the USA’s largest oil pipelines has been shut by ransomware, leading the nation’s Federal Motor Carrier Safety Administration to issue a regional emergency declaration permitting the transport of fuel by road.
The Colonial Pipeline says it carries 100 million gallons a day of refined fuels between Houston, Texas, and New York Harbor, or 45 percent of all fuel needed on the USA’s East Coast. The pipeline carries fuel for cars and trucks, jet fuel, and heating oil.
It’s been offline since May 7th, according to a company statement, due to what the outfit described as “… a cybersecurity attack [that] involves ransomware.”
It added: “In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.”
…
Read more: https://www.theregister.com/2021/05/10/colonial_pipeline_ransomware/
As a software expert, my first thought is someone who allows the connection of mission critical control systems to the internet should probably consider a different career. But perhaps I am being unfair. Even the most carefully isolated systems can be undone, if a careless employee or contractor connects their infected laptop to an internal network.
Update (EW): According to the BBC, the authors of the Colonial pipeline ransomware attack have denied their motivation was terrorism, though the BBC claims the software is set up to avoid infecting systems where the language setting is Russian.
“Our goal is to make money and not creating problems for society. … We do not participate in geopolitics, do not need to tie us with a defined government and look for… our motives … From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”
Can’t help thinking whatever their professed motivation, they are going to receive a personal visit from some scary people in the near future. The apparent Russian connection is embarrassing for President Putin, and they hurt the USA.
Do not try to view the Darkside website to see the statement from the criminals first hand – boobytrapping web pages is an old hacker trick.
Don’t give it a permit to restart and do the decades long review process like California.
Eric,
Didn’t catch this first time through, but
“embarrassing for President Putin”
Not even in the slightest. Anyone who thinks he might be embarrassed by anything is still badly underestimating him, and underestimating the oligarchs who run that country/region with him.
The claim that the software was configured not to attack Russian computers makes it look like the criminals have some kind of understanding with the Russian state. The fact the attack occurred without authorisation (admitting authorisation would be an act of war), makes Putin look like he is not in control. That is what I mean by “embarrassing”. Putin does not seem the kind of guy who quietly accepts very public challenges to his authority.
You base this on the claim that the software is configured to ignore Russian language per the BBC? This is the same claim they made about the NHC ransomware.
I still don’t see where anyone said that the attack was unauthorized, they only said (in perfect Boris n Natasha accent, in a written text) that they were in it for profit. Again, per the BBC.
If they are Russians, they’re up for a medal. More likely BBC hasn’t a clue.
Agreed, the BBC could be making it up. I made it clear this assertion is a BBC claim.
The Biden fleets will get first priority for the scarce fuel supplies.
Try stuffing it full of wood pellets. That will help it.
This would be a great time for a cyber grid attack.
A considerable number of people so distrust the FBI and Federal Government that they are seriously questioning the FBI’s claim that it was an attack from the Russians. And who can blame them after years of Russia, Russia, Russia, Collusion, Collusion, Collusion, during the Trump Administration that turned out to be all lies originating from the US Intel community, backed by the FBI, and trumpeted day after day after day in the press? And to this day nobody has gone to jail for it while the DOJ just hired Susan Hennessey that was one of the major mouthpieces for the lies and on whose word illegal FISA warrants were issued?
A considerable number of people are idiots–in fact, the same number.
So typical! Me I will wait for more facts to come into evidence before making a judgment because I am not stupid enough to trust this government to tell the truth about anything.
Russia colluuuusion 😉
Is this similar to weapons of mass destruction?
Was the weapons of mass destruction lie aimed at unconstitutionally unseating a duly elected POTUS? Nope!
It did get us into a seemingly endless war but as I recall democrat after democrat bought into the WMD excuse also. One thing is for sure. There was more evidence to back the WMD claim. Saddam having used such against the Iranians and Kurds, than LBJ’s Gulf of Tonkin “incident” which he used to have an excuse to deploy US troops into direct combat in Vietnam for the first time.
Mr. swelll: I am surprised to discover a person who trusts the FBI and feds. Didn’t Nancy P. tell you that they lie to congress all the time? When did she start trusting them again?
Emergency? What emergency? I thought climate change was the emergency, and the solution was to end fossil fuel use. Isn’t this what the global warmunists have been demanding?
Lefties hate oil….until they have none.
Wait till Ms. Whitmer (aka “Cuddles”) succeeds in closing down Enbridge Line 5. May 12th is the deadline she has set.
Of course, that only affects Canada, so it’s not really news.
The Canadian ambassador asked Sleepy Joe to intervene, and he said no.
Lots more oil-by-rail in the future. I’m glad I don’t live near the tracks.
It doesn’t only affect Canada, it would shut down deliveries into Michigan as well.
Don’t worry. Joe Biden just announced he will hold a press conference on the event and take questions from reporters.
Oh wait, no he didn’t.
He lost his cue cards.
This is a pipeline but the electric grid has the same issues.
The problem is the nature of the grid, how decentralized it is getting, all the intermittent renewables coming in and out, 10s of thousands of sources of fault current instead of hundreds, requiring very advanced equipment connected at very high speed, collecting and transmitting synchrophasors and other data.
In the old days, protection was electromechanical relays (magnets) and communications was pilot wire or by imposing a signal on the electrical wire.
Very simple, unhackable, but completely unsuitable to what we are doing today.
The push to widely distributed renewables requires an interconnected grid in order to function, can’t have one without the other.
Hope they don’t shut it down in February
Truly amazing that the major media and the US government are ignoring the most significant terrorist attack on the US since 911. Oh well, go back to sleep.
Our goal is to make money
No, their goal is to steal money. Thievery is one of the most despicable endeavors. The unconscionable sociopathy of this form of subhuman protoplasm is impossible for normal people to comprehend. Hunt them down and eradicate the vermin.
The only part missing from the BBC quote was “and must get Moose and Squirrel, darlink.”
The attack has been determined to originate in Frostbite Falls, MN.
Shades of the days of Jimmy Carter! Gas lines, inflation, warnings that interest rates are going to spike up!
The Leftist Media.
Three months ago Joe Biden cancelled thousands of jobs and the Keystone Pipeline, and the New York Times cheered him on and said it was good policy…..Last week, someone shut down a pipeline for four days causing gas shortages – and the New York Times called it an attack.
Of course that point made by Tony Heller equally applies to all of the leftist media.
New York Times Definitions | Real Climate Science
https://en.m.wikipedia.org/wiki/At_the_Abyss
But, when Biden shut a pipeline down, it was celebrated by the Democrats and the media.
Was it Apple…
a) Quote:
“It alleges:
b) Or was it what Joe is effectively creating, in droves?
i.e. Disgruntled (ex)coal-miners who have ‘learned to code’
Makes perfect sense doncha think.
Is it possible, haha, that the Dark Side hackers have in fact, been hacked?
That is just soooo gorgeous 😀
Be careful what you (your ‘handlers’) wish for Mr Biden
EW, a friendly word in your ear:
Are you really sure you wanna be levelling charges of terrorism against Putin? I don’t read the BBC as saying as much, what’s your source?
There are some things that folks might ‘keep under their hats‘ until they are 1000% sure and are able to ‘do something about it‘
That is one of them.
If you or anyone becomes ‘terrified‘, off your own volition and just because your local petrol-pump runs dry or holiday flight is grounded, I’d suggest you have much greater problems than any amount of Climate Change or <insert pet boogeyman here>
No, that is not a personal dig or ad-hom.
Irrational fear & paranoia ### applies to almost all of Western Civilisation right now and even worse, thanks to things like the UK Gov’s very own Behavioural Insights Team, is being positively created by Government.
How wrong horrible hideous and grotesque could anything possibly be?
What is actually going on, apart from the obvious, good-intentions, selfishness & greed.
Why are the turkeys not only voting for Christmas but actually eating each other as they queue up at the processing plant.
### Examples:
i.e. Irrational Fear is the endemic
Great! Isn’t this about half of what some of us have advocated for years. Persuade the oil companies to cut off deliveries to somewhere like NY for just a few days, and they will realise that they cannot do without it. So if this was done by idiot Greenies – many thanks!
Probably you are right to some degree, but by whom and for what purpose? With Gretchen the wicked witch threatening to shut down Line 5 tomorrow, this was perfect timing to send a signal that losing a major pipeline has consequences. Would be something to see Line 5 shut tomorrow, May 12th deadline, and the Atlantic NE and much of mid eastern Canada will be in very serious trouble, especially combined with these huge Colonial temporary issues. Would be a real shot over the bow, especially if a Federal judge rules tomorrow in favour of a shut down, but highly unlikely. Line 5 is a Treaty between CAN/USA, so Michigan State has no real control of this specifically in the short term. It supplies a lot of product to both Michigan and eastern USA and/or Canada via Windsor/Detroit.
Problem is these days, you can’t really believe anything anymore, but if you read between the lines, sometimes you get a glimpse of what may be happening. The pipeline companies and oil patch are upset with the way they are being treated especially after the election. The Democrats would love to manufacture a ‘carbon’ crisis just for the sake of it. The Chinese (or NORKS doing the dirty work) would love to interfere and possibly blame the Russians to some degree, (maybe working with corrupt Democrat Intelligence) just to sow more chaos between USA and Russia and take pressure off China. The last person I would suspect under these circumstances, would be Putin. And nor would he allow such a lazy attempt, which will only result in more robust security. Better to leave it vulnerable in case you really need to disable things someday.
“….. the software is set up to avoid infecting systems where the language setting is Russian.”
Well, to me, if true that strongly suggests the perpetrators and motives are closer to home and closer to government than people may think. Or perhaps a case of never letting an opportunity for a bit of geopolitical propaganda go to waste. Whatever, that phrase immediately pings my BS meter at around the 99% mark.
Or it could be the FSB turns a blind eye, providing the criminals target non-Russian businesses. Or it could be a complete fabrication.
I should think that with a proper backup system, it should be easy to recover from a ransomware attack. Am I wrong on that? I use a backup system from a company called Macrium Reflect based in London. Its latest version protects against ransomware because it locks your backups so the attack can’t delete or alter them. I have several sets of backups using external drives- some are always NOT connected to my home network. And of course most corporate systems will have offsite backups.
Process control systems are usually a little messier than normal IT systems, lots of ad-hoc adjustments, very difficult to test. It’s easy to miss backing up something critical. Just bringing systems online in the wrong order can wreak havoc. Even a comprehensive backup restoration needs to proceed slowly and carefully.
Some lessons learned:
Since it is ransomware, likely they encrypted the database files and templates for their Windows SCADA system. They will have to wipe the system and reinstall the files from back ups. Then function test.
Nothing will be learned. Nothing.
DHS is responsible for protecting the US infrastructure from foreign threats, but Mayorkas is too busy with building more tents on the Southern border to house ever more children that self separate from their parents due to Biden’s policies. Trump was slammed for breaking up families. At least under Biden they voluntarily do the breaking up, much more humane. Also Mayorkas is hunting White Supremacists. DHS just doesn’t have the time to do what they were created for, protecting the Homeland. Too busy with the Woke agenda items.
I hate to be the skunk at the garden party, but the first thing we need to do to put a stop to this kind of hacking is to ban bitcoin and other anonymous cyber-currencies.
Such a ban would prevent banks and other regulated US financial institutions from exchanging dollars for cyber-currency. With no means for being paid, hackers would move on to something else.
100 % agreed!
To be honest, I do not understand how these Cyber currencies were ever accepted by governments, they seem to me fake monopoly money, backed by nothing substantial. They are ideal for money laundering and mafia style organizations as well as rogue governments such as NK. Now even the US and Visa want in on this? Does not make sense.
Currency for us. Bitcoin for Oligarchs and bureaucrats.
There’s a write-up of the Darkside group and their ransomware kit at the Sentinel One site here. There are variants for both Windows and Linux.
At least the dirty petrol products from Shell can’t make it to customers. Actually, I think they planned to close that decrepit refinery in Louisiana that no one wanted to buy from them.