On 5/14/2021 9:29 PM, wrote:
On Friday, May 14, 2021 at 3:51:42 PM UTC-4, Mr. Luddite wrote:
On 5/14/2021 11:46 AM, Keyser Söze wrote:
Colonial pipeline operators began restarting operations Wednesday
evening but said it would take “several days” for the supply chain to
return and warned some markets could continue experiencing “service
interruptions.” The mass panic caused by gasoline shortages and spiking
prices across the East Coast — nearly 7 in 10 gas stations in North
Carolina, and about half in Virginia and South Carolina, were out of gas
Wednesday evening, according to GasBuddy — highlighted the vulnerability
of aging U.S. energy infrastructure unable to handle 21st-century
threats, even those known about far in advance.

Founded as a joint venture by nine oil companies 59 years ago, *Koch
Industries* currently owns the largest stake in the company.

An outside audit of the Colonial Pipeline’s cyberattack defenses,
delivered to the company more than three years ago, described
“atrocious” information management practices and “a patchwork of poorly
connected and secured systems,” its author told The Associated Press.
“We found glaring deficiencies and big problems,” said Robert F.
Smallwood, whose firm prepared an 89-page report after a six-month
audit. “I mean, an eighth-grader could have hacked into that system.”
Colonial Pipeline operators have been seeking to hire a cybersecurity
manager for more than a month, with 32 applicants on LinkedIn.


I can't verify the accuracy of this but I heard one report that the
"hacking" was actually into Colonial Pipe's financial systems and not
the operations or equipment associated with the pipelines. Tying up
the banking and financial controls of the company is what caused it
to shut down the system. They reportedly paid a five million dollar
ransom to unlock the company's finances and hence, operations.

It makes sense that Koch Industries would be somehow tied to the
pipeline systems. One of the major business areas and products
of Koch and it's subsidiaries is steel piping. One division
built only nuclear graded products. Koch was also heavy into
gas separation systems that are used to provide oxygen, LN2 and
other gases for commercial and medical use.



--
This email has been checked for viruses by AVG.
https://www.avg.com

===

Here's more info on the actual hack:

---
In the case of Colonial Pipeline, the DarkSide ransomware group attacked the company's business network rather than the more sensitive operational technology networks that control the pipeline. But Colonial took down its OT network as well in an attempt to contain the damage, increasing the pressure to resolve the issue and resume the flow of fuel along the East Coast. Another potential factor in the decision, first reported by Zero Day, was that the company's billing system had been infected with ransomware, so it had no way to track fuel distribution and bill customers.
---
From Wired magazine:

https://www.wired.com/story/colonial...omware-payment



That's what I heard and it makes sense. Tying up the business and
financial data basically puts a company out of business, especially
one with a complicated distribution and billing system.