•   
  •   
  •   

US Biden's infrastructure plan wouldn't protect the Colonial Pipeline from another attack

04:25  12 may  2021
04:25  12 may  2021 Source:   nbcnews.com

Major US pipeline halts operations after ransomware attack

  Major US pipeline halts operations after ransomware attack WASHINGTON (AP) — The federal government is working with the Georgia-based company that shut down a major pipeline transporting fuel across the East Coast after a ransomware attack, the White House says. The government is planning for various scenarios and working with state and local authorities on measures to mitigate any potential supply issues, officials said Saturday. The attack is unlikely to affect gasoline supply and prices unless it leads to a prolonged shutdown, experts said. Colonial Pipeline did not say what was demanded or who made the demand.

  Biden's infrastructure plan wouldn't protect the Colonial Pipeline from another attack © Provided by NBC News

Colonial Pipeline, the United States’ largest purveyor of refined fuel, including gasoline, diesel and jet fuel, recently had a bad day. Late last Friday, the company’s information technology systems fell victim to ransomware. The company quickly shut down its operations as a precautionary measure to contain the attack and prevent long-term damage to its physical systems. As of Tuesday afternoon, the pipeline was still largely offline, though Colonial hopes to restore operations by the end of the week.

The attack on Colonial Pipeline is one data point in an overall trend of increased attacks from ransomware, malicious software that prevents victims from accessing their data and requires a ransom payment in order to restore their systems. The consequences can range from the economically costly to the downright dire: Businesses get locked out of their computer systems for several hours or days at a time, halting operations, disrupting supply chains and significantly harming consumer trust.

What we know about the Colonial Pipeline ransomware cyberattack

  What we know about the Colonial Pipeline ransomware cyberattack What we know about the Colonial Pipeline cyberattack. The latest on who is behind it, how it could impact gas prices and more. Colonial Pipeline said on Saturday that it was the victim of a cyberattack involving ransomware and had "proactively" halted all pipeline operations as a result. The 5,500-mile pipeline system transports approximately 45% of all fuel consumed on the East Coast, according to its website, and runs from Texas to New Jersey.

In 2020 alone, nearly 2,400 state and local governments, health care facilities and schools were victims of ransomware attacks. Additionally, the victims of these attacks paid a total of $350 million in ransom, marking a 300-plus-percent increase from the previous year.

And ransomware is just one kind of cyberthreat posed to infrastructure — one of the country’s most prevalent national security risks and one that should be at the top of priority lists for infrastructure needs. Given the severity of the danger, it was disappointing to see that the Biden administration’s current infrastructure plan falls woefully short in terms of actually securing the infrastructure it proposes to build, a failing that has raised eyebrows.

Hillicon Valley: Colonial Pipeline attack underscores US energy's vulnerabilities | Biden leading 'whole-of-government' response to hack | Attorneys general urge Facebook to scrap Instagram for kids

  Hillicon Valley: Colonial Pipeline attack underscores US energy's vulnerabilities | Biden leading 'whole-of-government' response to hack | Attorneys general urge Facebook to scrap Instagram for kids Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter by clicking HERE. Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.The nation's oil and gas sector was left reeling from a ransomware attack late last week that caused Colonial Pipeline to shut down operations that provide around 45 percent of the East Coast's oil.

The Colonial Pipeline attack “is a play that will be run again, and we’re not adequately prepared” warned Sen. Ben Sasse, R-Neb. “If Congress is serious about an infrastructure package, at front and center should be the hardening of these critical sectors — rather than progressive wish lists masquerading as infrastructure.”

America’s critical infrastructure as traditionally defined and historically understood is deeply in need of investment and renewal. The backbone of the package must therefore be to safeguard and upgrade these core elements — from airports and highways to mass transit and beyond — and must have significant cybersecurity investments properly baked in.

President Joe Biden’s $2 trillion package does include $621 billion for long-standing transportation infrastructure needs such as bridges, roads and ports and over $300 billion for upgrading electric grids and drinking-water infrastructure and expanding broadband internet access.

Overnight Energy: 5 takeaways from the Colonial Pipeline attack | Colonial aims to 'substantially' restore pipeline operations by end of week | Three questions about Biden's conservation goals

  Overnight Energy: 5 takeaways from the Colonial Pipeline attack | Colonial aims to 'substantially' restore pipeline operations by end of week | Three questions about Biden's conservation goals HAPPY MONDAY. Welcome to Overnight Energy, your source for the day's energy and environment news.Please send tips and comments to Rachel Frazin at rfrazin@thehill.com . Follow her on Twitter: @RachelFrazin . Reach Zack Budryk at zbudryk@thehill.com or follow him on Twitter: @BudrykZack . Signup for our newsletter and others HERE. Today it's pipelines all the way down as we examine what you need to know about the cyberattack that's haltedToday it's pipelines all the way down as we examine what you need to know about the cyberattack that's halted operations at a pipeline serving 45 percent of people on the East Coast, plus a look at President Biden's conservation plan.

However the package stretches the definition of infrastructure beyond its traditional meaning. Under the plan, for instance, $400 billion goes to support the home-based health care workforce, the component of the package described by The New York Times as the “most transformational and polarizing.” Aspiring to transformational change is a leader’s prerogative; but it should be done transparently in a way that does not subvert logic, common sense or pressing national and economic security priorities — in this case, securing infrastructure itself from cyberattacks.

Indeed, malicious actors are more emboldened than ever to take advantage of the vulnerability of American critical infrastructure, from our water supply to our electric grid to our pipelines. The Colonial Pipeline supplies 45 percent of the East Coast’s fuel, transporting nearly 100 million gallons of refined fuel between the Gulf Coast and New York on a daily basis. If the disruption were to continue unabated, the East Coast could be at risk for more distribution problems and price fluctuations, which could prompt other cascading consequences that could jeopardize many systems — airports, businesses and day-to-day travel — that rely on its fuel deliveries. The possible harm to the wider economy could extend even beyond that.

Russia Denies Involvement in Colonial Pipeline Cyber Attack: Kremlin

  Russia Denies Involvement in Colonial Pipeline Cyber Attack: Kremlin President Joe Biden said that although U.S. intelligence had found no evidence to link the attack with the Russian government, he believed the country had "some responsibility to deal with" the issue.The pipeline, which stretches more than 5,500 miles and carries 45 percent of the East Coast's supply of diesel, petrol and jet fuel, was taken offline over the weekend, disrupting fuel supply across eastern parts of the country and pushing prices up.

The Biden administration is taking some important steps outside of the infrastructure bill to address the issue of ransomware and cybersecurity more broadly. The recent announcement of a Department of Homeland Security “sprint” to tackle ransomware by raising awareness and disrupting bad actors, a Department of Justice ransomware task force to go after perpetrators and suggestions that a new White House ransomware plan is forthcoming all signal an increased willingness by the federal government to act. But unfortunately, these are inadequate and significant vulnerabilities still exist.

Specifically, the Biden administration’s proposed infrastructure spending plan doesn’t address securing infrastructure from malicious cyber activity. The president’s budget proposal for next year also doesn’t prioritize cybersecurity. The Cybersecurity and Infrastructure Security Agency received only a 5 percent budget increase, compared to the overall 16 percent increase in nondefense spending. Both the budget and the infrastructure plan continue the Trump administration's failure to sufficiently fund cybersecurity efforts in the nondefense department budget areas.

A correction is possible. Congress can alter the infrastructure plan to prioritize needed investments in the cybersecurity of our most vulnerable critical infrastructures, including water and wastewater infrastructure, electricity grid distribution systems, maritime transportation systems and municipality networks. Given the large price tag of the White House’s infrastructure plan, this spending shouldn’t be contentious.

Colonial Pipeline ransomware hack and gas shortage: What you need to know

  Colonial Pipeline ransomware hack and gas shortage: What you need to know A weekend shutdown of the pipeline is still playing out along the East Coast.Colonial Pipeline was the target of a ransomware attack that forced it to shut down operations.

Such an investment plan could include expanding the government’s Pipeline Cybersecurity Initiative to include the use of grants and low-interest loans to rectify shortfalls that the initiative identifies in boundary protection, monitoring, configuration management and access controls.

It’s also important that the government establish a public-private collaboration so the private-sector entities responsible for systems and assets that underpin national critical functions, such as Colonial Pipeline, shoulder additional security requirements befitting their unique status and importance to include requirements to report all cyber intrusions. In exchange, these entities would benefit from additional federal protections even as they are entrusted with access to the most up-to-date, actionable and relevant federal intelligence on emerging threats.

As members of the Cyberspace Solarium Commission, we were pleased to see Congress codify into law two recent provisions that will help victims prepare for, respond to and mitigate the consequences of cyberattacks. First, a Joint Cyber Planning Office will soon be established to help coordinate campaigns to fight cyberattacks between the public and private sectors. Secondly, the executive branch must develop a playbook for maintaining the functioning of the national economy in the event of a significant cyber incident. Although both these initiatives have been authorized by law, the administration must now take action on implementation.

As the Biden administration and Congress prioritize a massive infrastructure plan, now is the time for the federal government — and the country as a whole — to come to terms with the major investments needed to ensure the security and resiliency for our national systems. Otherwise, many more Americans will be impacted by the next bad day in critical infrastructure.

Fact check: Viral image of plastic bags filled with gas is from 2019 .
An image claiming to show gas-filled plastic bags amid the shutdown of the Colonial Pipeline was actually taken in 2019 in Mexico.The 5,500-mile Colonial Pipeline, which delivers about 45% of fuel for the East Coast, shut down on May 7 following a ransomware attack by a hacking group called DarkSide. Pipeline operations resumed on May 12.

usr: 4
This is interesting!