A sure way to appreciate the importance of core infrastructure is to see what happens when it unexpectedly stops working. For example, most people did not think much about the importance of the Suez Canal, but that changed in March when a container ship suddenly blocked it. A usually reliable system failed temporarily, and the world noticed.
How a Ransomware Attack shut down
Something similar has been happening since last week to an extensive, critical petroleum transportation system operated by a company called Colonial Pipeline. On Friday, May 7, the company learned that it had been hit by a ransomware attack. On Monday afternoon, the company said it was working hard to recover and get its operations running. “Parts of our pipeline are slowly being brought back online,” it said.
Understandably, you may not think much about ransomware attacks or where the gas in your car comes from. Here are answers to your questions about the situation.
What does Colonial Pipeline do?
Jet fuel, diesel, gasoline and other petroleum products travel through approximately 5,500 miles of Colonial's pipelines. The company said its operations cover 14 states from Texas to New Jersey and carry a total of more than 100 million gallons of fuel per day. About half of the fuel used by the East Coast comes from the company’s operations.
This means that if you fill up your car on the East Coast, there is a chance that the fuel passed through these pipes. Likewise, if you fly from an airport such as Washington Dulles or Hartsfield-Jackson Atlanta, the fuel in your plane may well have come from Colonial; the company ships to seven different airports. The army gets fuel from the company, too.
Here is a diagram of four main lines with small sub-lines. Typically, fuel flows north and east along the main lines.
Analyst Patrick De Haan says gas has not become more expensive as a result of the situation, and his Twitter updates are an excellent source of information on the case.
What is a ransomware attack?
A person can be held hostage for ransom, and so can data. “Ransomware has surfaced in the last few years,” said Ben Miller, vice president of the cybersecurity company Dragos. “Human operators gain access to these environments, and [the victim’s] hard drives and computer systems are encrypted.” They want money – bitcoins, perhaps – in exchange for freeing the information.
“In many cases, your personal computer will display a warning message,” he said. The same message will also appear in many other places. A well-known example of another ransomware attack is WannaCry.
So who did it?
The FBI reports that it is a group named DarkSide.
“They see themselves as a business,” Miller notes of DarkSide. Like any business, they want to make money; theirs is just a bad business model.
This BBC story includes screenshots that show what kind of message DarkSide displays on the computers it infects.
As infrastructure and connected computer systems come under attack, more such cases can be expected in the future. “It’s a sign of things to come,” Miller said.
So what makes a company an easy ransomware target?
Shuman Ghosemajumder, the global leader in artificial intelligence at cybersecurity firm F5, says a group that attacks with ransomware looks for a few elements in a target. The target must have valuable data that it is willing to pay to get back, and the resources to speed up its recovery. Also, criminals like DarkSide need a way to get into the target system in the first place.
“The way they actually got there was based on a technical infrastructure that was weak enough for them to find a way in and then install the ransomware,” Ghosemajumder said. “This usually means that there is a system in your infrastructure that is not provided to you.”
The episode is also a reminder of the importance of running the latest version of software on your own systems. While Apple, for example, makes updating your iPhone’s software relatively painless, doing the same for something complex and dangerous, like a large company's petroleum pipeline, can be a very difficult process. “What you usually see is that they are mainly related to the stability and reliability of overall business operations,” he said. “The way to achieve this is by using known, stable versions of software.”
Older versions of Windows and other tried-and-true software can be reliable from a functional standpoint, and upgrades can be costly, time-consuming, and introduce new issues. But relying on outdated code can also be a security risk. Ghosemajumder says that companies should prioritize how they manage the problem, from installing the necessary patches to thinking about upgrading to a full new version of the software.
Are there big lessons here?
Yes. Public services have a “peaceful element” to them, Miller of Dragos says. “How it works: power grid, water, oil and gas – they all use the same computer system.”
“As these systems become increasingly interconnected, they become more exposed and more likely to be attacked,” he said.