Colonial Pipeline CEO on Capitol Hill after ransomware attack crippled East Coast gasoline pipeline

Blount will face lawmakers for the first time since a six-day shutdown of the pipeline in May led to panic buying and widespread gas station outages in the Southeast.
The Colonial incident, followed several weeks later by a cyberattack on a major US meat producer, highlighted the grave danger that ransomware can pose to businesses and critical services throughout the US, as criminals have increasingly had success targeting large enterprises.

Ransomware attacks have grown in both scope and sophistication in the last year, Deputy Attorney General Lisa Monaco said Monday, calling it an “epidemic.”

Blount admitted last month that he authorized a ransom payment of $4.4 million, calling it a “highly controversial decision,” in an interview at the time.

“I did not make it lightly. I’ll admit that I wasn’t comfortable seeing money go out the door to people like this,” he told The Wall Street Journal.

The FBI and Department of Homeland Security recommend against paying ransom because of the potential to encourage additional attacks. Payment also does not guarantee that a victim’s files will be recovered.

In the case of Colonial, it appears the company’s notification to the FBI helped investigators track down and seize roughly $2.3 million in Bitcoins that had been paid to the criminal group, a rare outcome for a company that has fallen victim to ransomware.

US authorities previously attributed the pipeline attack to DarkSide, a hacking group linked to Russia that emerged last summer offering ransomware as a service to so-called affiliates.

Blount is scheduled to address lawmakers twice this week, where he will likely be questioned about the payment decision, as well as the cybersecurity standards the pipeline had in place prior to the attack.

He testifies first before the Senate Homeland Security and Governmental Affairs Committee on Tuesday, and again before the House Homeland Security Committee Wednesday.

Over the weekend, Energy Secretary Jennifer Granholm said she would be open to a law that bans the payment of ransom, but she said it’s unclear if Congress or President Joe Biden agree.

“I think that we need to send this strong message that paying a ransomware only exacerbates and accelerates this problem,” she told NBC’s “Meet the Press.”

The hearing also follows Colonial’s revelation that ransomware attackers gained access to the company’s computer networks in April using a compromised password.

The password had been linked to a disused virtual private networking account used for remote access, and the account was not guarded by an extra layer of security known as multi-factor authentication, the cybersecurity firm hired by Colonial confirmed to CNN.

Bloomberg first reported the password vulnerability following interviews with Blount and Charles Carmakal, senior vice president at Mandiant, the forensic division of the cybersecurity firm FireEye.

It’s still unclear how the attackers obtained the compromised credential.

US authorities later said that while the attack compromised Colonial’s IT systems, there was no evidence that its operational systems were affected.

As part of the Biden administration’s effort to grapple with the threat from ransomware, the Transportation Security Administration issued a security directive last month mandating that critical pipeline operators comply with several cybersecurity measures, including reporting cybersecurity incidents to the department within 12 hours and designating a “24/7, always available” cybersecurity coordinator.

The cyberattack on Colonial exposed how ransomware, which is primarily a criminal, profit-driven enterprise, “can rise to the level of posing a national security risk and disrupt national critical functions,” a DHS official said when the directive was announced.

The top lawmakers on the Senate Homeland Committee, Sens. Gary Peters, a Michigan Democrat, and Rob Portman, an Ohio Republican, introduced legislation in April that would establish a cyber response and recovery fund to help companies recover from significant cyberattacks.

“Our nation is increasingly vulnerable to cyberattacks every day, as the Colonial Pipeline ransomware attack showed. Cyberattacks are getting worse and more frequent while the government and critical infrastructure are more dependent on information technology,” Portman said in a statement last month.

CNN’s Evan Perez, Zachary Cohen, Alex Marquardt and Brian Fung contributed to this story.


