Colonial Pipeline attack shows how vulnerable infrastructure and utilities can be to hackers
More than 1,000 gas stations in the Southeast are running out of fuel following a cyberattack on the Colonial Pipeline on Friday. The pipeline carries nearly half of the fuel for the East Coast.
The attack has brought a new focus on how vulnerable infrastructure and utilities can be to hackers.
“If it’s a computer system, it has the potential of having vulnerabilities…This is a problem that impacts us all,” says Dr. Jerry Dawkins, co-founder of the Hauppauge-based True Digital Security.
Secretary of Energy Jennifer Granholm says that authorities have been investigating the attack around the clock. It is believed to be linked to Russia.
Experts warn that companies and utilities can be vulnerable to a ransomware attack.
“This is a big deal,” says Dawkins.
Dawkins says that ransomware attacks typically involve a hacker contacting a company and threatening to release information they've hacked unless they are paid a ransom. Companies like Colonial then must try to get the hackers out.
“The disruption was caused in part because of the attack itself, but I think the disruption was caused in part because of the response of the organization to that attack. They had to take that attack down. And they had to turn off their computers and basically do a reset,” says Dawkins.
Hackers could target the power grid or local water utilities.
“Some of the attacks I've seen against water utilities are typical with regard to some of the chemicals,” says Dawkins. “That would definitely be an attack almost like a bioweapon type of attack because you can hurt people.”
He says that Americans can protect their own data against ransomware attacks with regular software updates.
“Think about multi-factor authentication. Think about dual-factor authentication,” says Dawkins. “Protect yourself, protect your Facebook account, protect your Instagram account.”
He also says that parents should pay attention to the things their kids are downloading.
“I've got two young kids and I'm making sure that they're aware when they want to get an app on their iPad - you know, I want them to understand what that game is. Does it have any chatting capability? And does it have any security restrictions?” says Dawkins. “Just be diligent over what you're doing and how you're doing it.”
President Joe Biden says there is no evidence the Russian government is behind the attack, but the ransomware appears to be from Russia.