Ransomware has targeted Colonial Pipeline, the US’s leading oil pipeline operator. The pirates demand a ransom. According to the International Association of Information Technology Asset Managers (IAITAM), ransomware is set to multiply.
Energy ransomware cyberattacks multiply in the U.S.
A ransomware attack has targeted America’s leading oil pipeline operator, Colonial Pipeline. This code exploits security loopholes to encrypt computer systems. Those responsible for the cyberattack demand a ransom before decrypting the system.
Since then, Colonial Pipeline has been forced to halt all its distribution operations. Operators managed to restart some of the pipelines. Nevertheless, the main lines are still inoperative.
The Colonial Pipeline is essential
The Colonial Pipeline is considered essential to America’s energy supply. It transports 2.5 million barrels of kerosene, gasoline and heating oil daily from Texas to New England. This pipeline network supplies 45% of the fuel used on the US East Coast.
Similarly, the IT network ofrenewable energy producer Albioma fell victim to a ransomware cyberattack. It did not have the same impact, as the attack did not result in any data breaches. No impact on industrial operations was detected, as the power plants were isolated from the network affected by the intrusion.
“The cyber and high-tech side threatens infrastructure projects”.
IAITAM is the leading authority on IT asset management. For some months now, the international organization has been highlighting security flaws in computer hardware and software. Recent ransomware attacks have targeted a dam, a city’s water supply, hospitals and electricity utilities.
“Old and new infrastructure projects tend to be large-scale […]. When most people think of security, they tend to think of the physical, low-tech side. But, increasingly, it’s the cyber and high-tech side that threatens infrastructure projects”, sums up the IAITAM president.
IAITAM warns the US government
American companies are thus threatened by major failures in their IT asset management. Often, it’s a question of incorrectly updated software, or employees exploiting information on a personal, unsecured cell phone. Agencies need to ensure that devices and software associated with infrastructure projects are properly secured.
IAITAM is clearly warning the US government to allocate hundreds of billions of dollars to the infrastructure sector. Without proper management, these expenses could end up amplifying security breaches even further. Energy cyberattacks are becoming real geopolitical risks, which must be contained.
