The News Chronicle
  • About Us
  • Advert Rates
  • Contact Us
  • Privacy Policy
Monday, January 30, 2023
Advertisement
ADVERTISEMENT
  • News
    • Breaking
    • Business
    • Celebs
    • Sports
    • Africa
    • Technology
    • World News
  • Social Diary
    • Events
  • Columns
    • Monday
    • Tuesday
    • Wednesday
    • Thursday
    • Friday
    • Sunday
    • Opinions
    • Editorial: Our Stand
  • TNC TV
  • Interviews
  • Books
    • Reviews
    • Author Profiles
  • Entertainment
  • Gossip
No Result
View All Result
  • News
    • Breaking
    • Business
    • Celebs
    • Sports
    • Africa
    • Technology
    • World News
  • Social Diary
    • Events
  • Columns
    • Monday
    • Tuesday
    • Wednesday
    • Thursday
    • Friday
    • Sunday
    • Opinions
    • Editorial: Our Stand
  • TNC TV
  • Interviews
  • Books
    • Reviews
    • Author Profiles
  • Entertainment
  • Gossip
No Result
View All Result
The News Chronicle
No Result
View All Result
  • News
  • Social Diary
  • Columns
  • TNC TV
  • Interviews
  • Books
  • Entertainment

Path Naija News » Columns » Held to Ransom: Colonial Pipeline and the Vulnerabilities of Critical Infrastructure

Held to Ransom: Colonial Pipeline and the Vulnerabilities of Critical Infrastructure

Dr. Binoy Kampmark by Dr. Binoy Kampmark
2 years ago
in Columns, Tuesday
Reading Time: 4 mins read
A A
0
ADVERTISEMENT
Share on FacebookShare on TwitterShare on Whatsapp

It should be making officials in the White House tremble.  Critical infrastructure supplying 45% of the East Coast’s diesel, gasoline and jet fuel, left at the mercy of a ransomware operation executed on May 6.  In the process, 100 GB of data of Colonial Pipeline was seized and encrypted on computers and servers.  The next day, those behind the operation demanded a ransom, or the material would be leaked.

The consequences are telling.  The operator, taken offline to enable an investigation to be conducted by US cybersecurity firm Mandiant; fuel left stranded at refineries in Texas; a spike in fuel prices at the pump – up six cents per gallon on the week to $2.967 per gallon of unleaded gasoline.  “Unless they sort it out by Tuesday,” warned oil market analyst Gaurav Sharma, “they’re in big trouble.”  The impact would be felt first in Atlanta, then Tennessee, perpetuating a domino effect to New York. “This is the largest impact on the energy system in the United States we’ve seen from a cyberattack, full stop,” opined Rob Lee of the cybersecurity firm Dragos.

RelatedPosts

February Elections

February Elections: Nigerians just dey play…

January 30, 2023
Sanusi4sure

Buhari’s anti-corruption war and history

January 28, 2023
Jacinda Ardern

A leader like Jacinda Ardern

January 26, 2023
Aleph Hospitality Continues Africa Expansion With New Upscale Hotel In Ghana
Trending
Aleph Hospitality Continues Africa Expansion With New Upscale Hotel In Ghana

Advertisement. Scroll to continue reading.

The company, in unconvincing tones, issued a statement that it was “continuing to work with third-party cybersecurity experts, law enforcement, and other federal agencies to restore pipeline operations quickly and safely.”  President Joe Biden rushed to calm fears that this had compromised fuel security.  “The agencies across the government have acted quickly to mitigate any impact on our fuel supply.” The deputy national security advisor for cyber and emerging technologies Anne Neuberger waffled to the press that the Biden administration was “taking a multi-pronged and whole-of-government response to this incident and to ransomware overall.”

On May 9, the Federal Motor Carrier Safety Administration within the Department of Transportation issued temporary hours of service exemption for motor carriers and drivers “transporting gasoline, diesel, jet fuel and other refined petroleum products” across affected States.

Finding the culprit in such operations is almost boringly predictable.  The Kremlin tends to get top billing on the list of accused, but on this occasion interest centred on DarkSide rather than President Vladimir Putin.  “I’m gonna be meeting with President Putin,” promied Biden, “and so far there is no evidence, based on our intelligence people, that Russia is involved.”  That did not mean that Russian officials were to be spared scrutiny.  There was “evidence that the actors’ ransomware is in Russia – they have some responsibility to deal with this.”  DarkSide, in other words, is being singled out as a bold and enterprising Russian cybercrime outfit, going where even intelligence operatives fear to tread.  Out in that jungle of compromised cybersecurity, money is to be made.

The Peter Obi Factor and the 2023 General Elections
Trending
The Peter Obi Factor and the 2023 General Elections

DarkSide is cybercrime with a professional face, pirates and buccaneers of the internet with some understanding of public relations.  They court the press when they need to.  They even operate with a code of conduct in mind.  And they are experienced.  “Our goal is to make money and not creating problems for society,” lamented the group after the operation.  “We do not participate in geopolitics, do not see need to tie us with a defined government and look for… our motives.”  The firm claimed ignorance that one of its affiliates had taken it upon themselves to target Colonial.  “From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”

This event has revealingly exposed the state of poorly protected critical infrastructure run by private companies.  “When those companies are attacked,” remarked deputy national security advisor Elizabeth Sherwood-Randall, “they serve as the first line of defence, and we depend on the effectiveness of their defences.”

As security analyst Richard Stiennon decrisbed it, the decision to shut down the pipeline showed that Colonial understood the risks.  “On the other hand, it shows that Colonial does not have 100% confidence in their operational systems’ cybersecurity defenses.”  Colonial was doing its best to sound competent, stating that it “proactively took certain systems offline to contain the threat.”

A less generous reading of this is that the company never genuinely appreciated those risks, given inadequate backup systems or forking out funds for software with fewer vulnerabilities.  The company had effectively issued an open invitation to be targeted, despite warnings made in early 2020 by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency that a ransomware attack on a US-based natural gas compression facility had taken place.

Ajaokuta Steel And Buhari’s Renewed Pledge
Trending
Ajaokuta Steel And Buhari’s Renewed Pledge

The provider has done little in terms of clearing the air on how it will deal with the ransom threat.  “Colonial is a private company and we’ll defer information regarding their decision on paying a ransom to them,” stated the less than helpful Neuberger.  Neuberger also spoke of the “troubling trend … of targeting companies who have insurance and may be richer targets”.  More had to be done to “determine what we do in addition to actively disrupting infrastructure and holding perpetrators accountable, to ensure we are not encouraging the rise of ransomware.”

The Biden administration is currently drafting an executive order that will create new digital safety regulations applicable to federal agencies and contractors who develop software for the government.  Those developing the software would have to be compliant with adequate security safeguards.  A layer of investigative bureaucracy is also contemplated: a cybersecurity incident review board.

At the very least, optimists in the field will see some value in having glaring faults in security systems exposed, even if it pertains to critical infrastructure.  Cyber extortionists can be turned into constructive citizens, identifying vulnerabilities – for a price.  A better option for corporate management and the boardroom would be to listen to the IT crowd.

Dr. Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge.  He lectures at RMIT University, Melbourne.  Email: bkampmark@gmail.com

 

 

Hot Gist

  • Bukayo Saka: The Rising Star at Arsenal FC
  • I am A Northern Christian: Deconstructing Dr Shehu Mahdi
  • “I was disappointed by [Wole Soyinka’s] uncharacteristic silence between 2015 and 2019” – Farooq Kperogi
  • The Story Vault. #1. Love

Tags: Infrastructure

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe
Previous Post

Youth are Africa’s best asset,  invest in them  – African Development Bank President, Adesina

Next Post

Kaduna Workers Strike: IGP Deploys Operatives To Guarantee Safety On Kaduna-Abuja Expressway

Dr. Binoy Kampmark

Dr. Binoy Kampmark

Related Posts

February Elections

February Elections: Nigerians just dey play…

January 30, 2023
Sanusi4sure

Buhari’s anti-corruption war and history

January 28, 2023
Jacinda Ardern

A leader like Jacinda Ardern

January 26, 2023
2023 election

Hadi Sirika’s ego-trip and other Buhari untouchables

January 25, 2023
Ohinoyi Palace Attack: A ludicrous query

Between Atta Ebira and Ohinoyi of Ebiraland

January 24, 2023
February Elections

When the people shall have nothing more to eat

January 23, 2023
Next Post
Kaduna Workers Strike: IGP Deploys Operatives To Guarantee Safety On Kaduna-Abuja Expressway

Kaduna Workers Strike: IGP Deploys Operatives To Guarantee Safety On Kaduna-Abuja Expressway

ADVERTISEMENT

What's New?

Everton appoints Sean Dyche as Frank Lampard’s replacement
Sports

Everton appoints Sean Dyche as Frank Lampard’s replacement

by Oladimeji Adeoye
January 30, 2023
0

Everton FC has confirmed the appointment of Sean Dyche as the Club’s new Men’s Senior Team Manager and replacement for...

Read more
Tyre Nichols

SCORPION/SARS: The Trans-Atlantic Tragedy

January 30, 2023
Wellington Events

At Wellington Events We Pay “Extra” Attention To Details – Nelly Wellington, Creative Director

January 30, 2023
Prev Next
ADVERTISEMENT
ADVERTISEMENT
  • © 2022 The News Chronicle