Cybersecurity and Infrastructure Security Agency (CISA)
DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
Original release date: May 11, 2021 | Last revised: May 12, 2021
Please click here to read the full article.
U.S. Coast Guard
- ILTA continues to press USCG
on providing flexibility in TWIC access requirements in areas affected by the
outage. USCG headquarters has confirmed that regulated marine terminals may ask
their Captain of the Port (COTP) for a deviation under the 33 CFR 105.125
ILTA has stressed to the Coast Guard that
terminals are having difficulty reaching COTP for needed approvals.
- The Coast Guard has
provided a link
to an online directory
with additional phone numbers for contacting COTP. An additional option is to send a concise letter via email to the
COTP proposing the facility’s interim measures for security while truck drivers
without TWICs are given access to loading racks.
News Excerpts: Bloomberg: Biden Says to Expect ‘Good News’ on Pipeline Within a Day
- President says U.S. military may help transport fuel
- Gas prices top $3 as Colonial shutdown causes shortages
President Joe Biden said he expects “good news” soon about a major fuel pipeline that was shut down by a ransomware attack last week and that he would allow the military to help transport gas to parts of the country that are running out.
“I think you’re going to hear some good news in the next 24 hours, and I think we’ll be getting that under control,” Biden told reporters at the White House on Wednesday. He didn’t elaborate.
In the meantime, he said, “I’ve lifted some of the restrictions on the transportation of fuel as well as access to the United States military providing fuel, and with vehicles to get it there, places where it’s badly needed.”
The Colonial Pipeline system has been shutdown for five days since the cyberattack. U.S. pump prices topped $3 for the first time in six years as drivers lined up for scarce gas across the East Coast.
Read more: Gasoline Prices Hit $3 as Shortages Grow on
Biden said the attack demonstrated the need for U.S. investments in education to improve the nation’s cyber defenses. He’s proposed some $4 trillion in spending on infrastructure, social welfare and education programs.
“We need a significantly larger number of experts in the area of cyber security working for private companies, as well as private companies being willing to share data as to how they’re protecting themselves,” he said. “I think that’s part of the long-term answer, not just in terms of energy but across the board.”
Pipeline hack shows need for infrastructure spending
Pete Buttigieg on Wednesday characterized fuel shortages caused by a
ransomware attack on the Colonial Pipeline system as more evidence of
the need for an aggressive investment in the nation’s infrastructure.
Buttigieg said the
attack was “a wake-up call” for the country to get serious about the systems
that keep it running.
“We’ve now had, you
could argue two major wake-up call experiences, one in Texas, and now one here,
each with a different cause but both reminding us about the work that we have
to do as a country,” Buttigieg said, referring to power outages caused by cold
weather in Texas that occurred earlier this year.
“The reality is that
investing in world-class, modern and resilient infrastructure has always been
central to ensuring our country’s economic security, our national security and
as we’re seeing right now, that includes cybersecurity,” he said. “This is
not an extra, this is not a luxury, this is not an option.”
Pipeline hack, lawmakers want more action on pipeline security
initiative to bolster pipeline cybersecurity begun in 2018 is a good start, but
more can be done, critics say. “I have raised significant concerns with
TSA’s focus on surface transportation, including pipelines, for years,” Rep.
Jim Langevin, D-R.I., told CyberScoop. He
pointed to a 2018 audit from the Government Accountability Office
that found that TSA’s pipeline cybersecurity work was inadequate and lacked
“lack clear definitions to ensure that pipeline operators identify their
“CISA says the federal Pipeline Cybersecurity Initiative draws on government and private-sector
expertise “to identify and address cybersecurity risks to enhance the
security and resiliency of the Nation’s pipeline infrastructure.” The
initiative has shown promise, according to Rep. John Katko, of New York, the
top Republican on the House Homeland Security Committee.
“Now, in the wake of the
Colonial Pipeline ransomware incident, ensuring the success, growth, and
effectiveness of the Pipeline Cybersecurity Initiative is more important than
ever before,” Katko
wrote in a letter to Acting CISA Director Brandon Wales on Tuesday.”
Stations Run Dry in Southeast as Panic Buying Grows Even Worse
Gas stations are pumping
out days' worth of fuel in a matter of hours, and a growing number are going
empty. The Consumer Product Safety Commission is
begging Americans not to put fuel into plastic bags, or
anything not designed to carry gasoline.
And governors are
declaring states of emergencies while pleading with residents not to
"panic buy" or fill up their tanks when they don't need to — requests
that so far seem futile.
The disruption, sparked by a cyberattack that
led to the shutdown of a major U.S. fuel pipeline last week, is taking on a
life of its own and sparking a self-perpetuating problem.
Gas Stations Run Dry as Pipeline Races to Recover from Hacking
“The Northeast can secure gasoline shipments from Europe, but it will come at an increasing cost the longer the pipeline stays shut. In the meantime, fuel producers including Marathon Petroleum Corp. are weighing alternatives for how to ship their products to the Northeast.
Landlocked cities face the greatest danger of fuel shortages compared with those with access to water-borne deliveries," said Steve Boyd, senior managing director at Houston-based distributor Sun Coast Resources Inc. If the pipeline remains down for many more days, he’s anticipating a “massive surge in orders.”
Please click here to read the full article.
Article - PDF Version
"Colonial was the victim of a ransomware attack last week in which the hackers stole nearly 100 gigabytes of data, a breach that caused the company to shut down operations of the biggest fuel pipeline in the U.S. The hackers were using the servers that were disabled as a repository for storing information before relaying it to computers in Russia," the people said. "But Colonial’s data hadn’t yet been sent, which allowed investigators to retrieve it," the people said.