Colonial Pipeline confirms cybersecurity attack, temporarily halts operations

Quote via S & P Global


According to John Cusimano, vice president of aeCyberSolutions, (a division of aeSolutions) pipeline cybersecurity lags that of other energy industry sectors.

"A common gap in the pipeline industry is the lack of segmentation of the pipeline supervisory control and data acquisition (SCADA) networks which are the networks that connect the pipeline control center to every terminal, pumping station, remote isolation valve, and tank farm along the pipeline," Cusimano said in emailed comments. "These are very large networks covering extensive distances but they are typically 'flat', from a network segmentation standpoint. This means that once someone gains access to the SCADA network they have access to every device on the network."


--------


US Senator Edward Markey said in a statement that an "understaffed, underprepared Transportation Security Administration—which had only six full-time staff on pipeline security as recently as 2019—cannot successfully ensure the security of dangerous and susceptible natural gas pipeline infrastructure."


Read the entire article at Colonial Pipeline confirms cybersecurity attack, temporarily halts operations | S&P Global Platts (spglobal.com)


Related:

Parallels between pipeline leak detection and cyber breach detection


You Do Leak Detection, but Do You have Breach Detection