In 2021 many of Colonial Pipelines IT systems were locked by malware and out of caution they shutdown the fuel pipelines feeding nearly half of the Eastern US leading to chaos at the gas pump and a state of emergency being declared. We look at how poor off-boarding hygiene led to an easily preventable cyber-attack.
With John Chidgey.
Hearing:
- Hearing Before the Committee on Homeland Security House of Representatives Transcript
- Threats to Critical Infrastructure: Examining the Colonial Pipeline Cyber-Attack (PDF)
- Charles Carmakal Statement from Hearing (PDF)
General Information:
- Colonial Pipeline
- Colonial Pipeline Ransomware Attack
- How Three Major Cyber Attacks Could Have Been Prevented
- What IT security teams can learn from the Colonial Pipeline
- Evolution of the Chief Information Security Officer
- US Fuel Pipeline Hackers Statement
- DarkSide
- DarkSide Leaks Press Center (X)
- DarkSide Ransomware Gang Behind Pipeline Hack Quits
- TSA Renews Cyber-Security Guidelines for Pipelines
- DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators
- Federal Motor Carrier Safety Administration
- Emergency Declaration for 17 States
Support Causality on Patreon
Episode Gold Producers:
'r' and Steven Bridle.
Episode Silver Producers:
Mitch Biegler, Shane O'Neill, Lesley, Jared Roman, Joel Maher, Katharina Will, Chad Juehring, Dave Jones, Kellen Frodelius-Fujimoto and Ian Gallagher.