Weekly Security Roundup with Clinton Pownall

By Clinton Pownall
President & CEO
Computer Business Consultants

Over the weekend, a ransomware attack against Colonial Pipeline caused the company to shut down a fuel pipeline that serves much of the East Coast. The Washington Post reports the pipeline carries almost half of the gasoline, diesel, and other fuels used on the East Coast. Energy expert Bob McNally, founder of the Rapidan Energy Group, said “It’s the major artery and there are no real other good options to replace it.” The article notes: “Colonial’s 5,500 miles of pipelines carry fuel from refineries on the Gulf Coast to customers in the southern and eastern United States. It says it transports 45 percent of the fuel consumed on the East Coast, reaching 50 million Americans.” The Wall Street Journal reports “The Federal Bureau of Investigation said it believed the attack involved a criminal gang with Eastern European ties known as DarkSide.”


“Hacked Pipeline May Stay Shut for Days, Raising Concerns About Fuel Supply.” That’s the headline in The New York Times, which notes: “The shutdown of the 5,500-mile pipeline was a troubling sign that the nation’s energy infrastructure is vulnerable to cyberattacks from criminal groups or nations.” The article reports the pipeline operator said Sunday afternoon that it was developing “a system restart plan” and would restore service to some small lines between terminals and delivery points but “will bring our full system back online only when we believe it is safe to do so. … By failing to state a timeline for reopening on Sunday, the company renewed questions about whether the operations of the pipeline could still be in jeopardy.” Meanwhile, the BBC reports “The U.S. government issued emergency legislation on Sunday” that relaxes rules on fuel being transported by road. “It means drivers in 18 states can work extra or more flexible hours when transporting gasoline, diesel, jet fuel and other refined petroleum products.” The BBC quotes oil market analyst Gaurav Sharma as saying “Unless they sort it out by Tuesday, they’re in big trouble. The first areas to be impacted would be Atlanta and Tennessee, then the domino effect goes up to New York.” Regardless of when Colonial is able to re-open the pipeline, the attack is yet another reminder of the mission-critical need to protect the nation’s IT infrastructure, across private enterprise as well as resources administered by local, state, regional, and federal government agencies.


“The Colonial Pipeline Attack Is A Major National Security Incident.” That headline from Forbes sums up the significance of the attack. Forbes provides a look into the impact, writing: “The Colonial Pipeline originates in Houston and terminates at the Port of New York and New Jersey. It traverses the southeastern states of Louisiana, Mississippi, Alabama, Georgia, South Carolina, North Carolina, and Virginia, and continues north through Maryland, Delaware, Pennsylvania, and New Jersey. The pipeline transports about 100 million gallons per day of gasoline, diesel and jet fuel, supplying about 45% of the fuel needs of about 50 million customers. The Colonial Pipeline is, without a doubt, the most important finished product pipeline in the U.S.” Forbes notes: “Although this incident is serious, a shutdown of a large section of our power grid during a heat wave or winter storm could have far more deadly implications.” On the bright side Forbes suggests: “It seems highly likely that this incident will lead to a response from the federal government to shore up protections of our critical infrastructure, and it puts more pressure on companies to ramp up their cybersecurity efforts.”


New Report Details Russian Cyber Espionage Efforts. On Friday, the same day Colonial Pipeline was shut down by hackers, the U.S. and U.K. issued a Joint Alert on Russian Cyber Activity, according to a report in BankInfoSecurity. The joint effort includes the U.K.’s National Cyber Security Center, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the National Security Agency. BankInfoSecurity reports that the joint advisory offers “detailed information on how to defend against the activities of the Russian Foreign Intelligence Service, or SVR, in the wake of the 2020 SolarWinds attacks.” The article also quotes from a separate alert from CISA warning: “APT29 will continue to seek intelligence from U.S. and foreign entities through cyber exploitation, using a range of initial exploitation techniques that vary in sophistication, coupled with stealthy intrusion tradecraft within compromised networks. The SVR primarily targets government networks, think tank and policy analysis organizations, and information technology companies.”


“Microsoft Launches Open Source Tool to Prevent AI Hacking.” That headline from AI Magazine provides a glimmer of hope against the backdrop of international espionage and cyber attacks that have dominated recent years. The article describes Microsoft’s Counterfit project, which allows business developers to evaluate the severity of a cyber attack by simulating a threat against an AI system. AI Magazine writes “There are several benefits to using artificial intelligence to help stop cyber threats. Firstly, AI can process much larger volumes of data than a human can, meaning that they can pick up any threats earlier and faster. Another advantage is it reduces the likelihood of any errors in a company’s cybersecurity software, allowing for security that is more trustworthy. AI also increases the response and detection times when searching for threats.”


Clinton A. Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990. Pownall served in the U.S. Navy for six years as a Weapons Systems Technician and has a Bachelor of Science in Computer Engineering. Through Computer Business, he was one of the first to pioneer VoIP technology using satellite communications. He is a member of the Florida Police Chiefs Association and advises law enforcement agencies on cyber security. Pownall serves on several boards and committees, has a strong affiliation with various arts and education groups and local school districts, and has served in regional efforts of the Bill & Melinda Gates NextGen Foundation. He has served as a Vice President of the Board of Directors for the Orlando Shakes Theater and is heavily involved in the South Lake Chamber of Commerce, West Orange Chamber of Commerce, and the Orlando Economic Partnership.