Pipeline Cyber Attack

[volfanhill]

Is it possible it wasn't hackers? Sure. Was it hackers more then likely? Yes.

 

[SpaceCoastVol]

$5 million dollars? Seriously? That's chump change.

 

[0nelilreb]

I am very much in favor of EV tech, but for the foreseeable future it is hardly green. Far too much power is still generated by coal. I haven't looked up the math, but I'm nearly certain that conversion efficiencies are such that a good clean diesel engine --> car wheel is dumping less crap into the environment than coal --> AC electricity -> your house via transmission lines --> DC electricity --> the car battery --> the EV motor/car wheel. Until more of the EV's power is generated at our homes via renewable sources, pipelines are an effective way to improve the distribution of fuels.

And I'm really a fan of EVs. I hope to have one soon. Won't be getting rid of my full-sized GMC pickup though.

I saw an interview with an Ecco expert and he had a lot of figured based on the the production of gas and combustion vehicles vs the E cars and he said on average it would take 7 years of driving ( without any upgrades to your Ecar ) before you start seeing any difference in impact from owning the E Car . I’m looking for that interview so I can post .

 

[Velo Vol]

It could be anyone.

Elliptic Follows the Bitcoin Ransoms Paid by Colonial Pipeline and Other DarkSide Ransomware Victims

 

[Orangeburst]

Hmm..so it sounds they paid and now propoganda they did not pay. Personally, for $5 mil they should of paid just to track em down and denied they paid for future collateral incidents

 

[AM64]

OK, so how many people believe the narrative of a "hacker" shutting down the pipeline?

It points out several things that have been obvious to anybody with a brain.

- Nobody takes white collar crime seriously enough. The penalties need to include life sentences and the death penalty even if no life is taken literally by the criminal - too many lives are destroyed by them for a slap on the wrist.

- There needs to be a new stance on corporate liability when corporations fail to secure data belonging to others - liability with actual fangs so bad that companies would think twice about collecting and storing your information

- Connecting and controlling power grids, fuel pipelines, traffic management (rail, car, air) using the internet is stupid - criminally stupid

- Nobody is apparently immune from hackers - not our government and military, not Iranian bomb makers, and certainly not the people who maintain records about you and your money

- Hackers need to be destroyed - eradicated like bugs when they crop up

- There needs to be at least two Internets - one that we use and a "hardened" one that would survive if an enemy brings things down around our ears. The internet is a common mode failure in the making - something you can never allow in a design. As SCV said earlier a couple of EMP's and we are toast. Another way to look at it is several car manufacturers are shut down because of a chip shortage - one key component can stop everything.

- A key bridge failure can seriously affect transcontinental shipping, a pipeline can disrupt fuel supply, etc, but what of the data transmission grid that moves phone, message, and data traffic - what is that vulnerability?

 

[Rasputin_Vol]

- A key bridge failure can seriously affect transcontinental shipping, a pipeline can disrupt fuel supply, etc, but what of the data transmission grid that moves phone, message, and data traffic - what is that vulnerability?

Hmmm, must have forgotten about the chaos after the Nashville bombing this Christmas.

 

[AM64]

Hmmm, must have forgotten about the chaos after the Nashville bombing this Christmas.

Imagine if it had been the power grid and a lot more locations involved.

 

[Orangeburst]

$5 million dollars? Seriously? That's chump change.

You must of took that Texas trucking job!

 

[Velo Vol]

Thread.

 

[Velo Vol]

It points out several things that have been obvious to anybody with a brain.

- Nobody takes white collar crime seriously enough. The penalties need to include life sentences and the death penalty even if no life is taken literally by the criminal - too many lives are destroyed by them for a slap on the wrist.

- There needs to be a new stance on corporate liability when corporations fail to secure data belonging to others - liability with actual fangs so bad that companies would think twice about collecting and storing your information

- Connecting and controlling power grids, fuel pipelines, traffic management (rail, car, air) using the internet is stupid - criminally stupid

- Nobody is apparently immune from hackers - not our government and military, not Iranian bomb makers, and certainly not the people who maintain records about you and your money

- Hackers need to be destroyed - eradicated like bugs when they crop up

- There needs to be at least two Internets - one that we use and a "hardened" one that would survive if an enemy brings things down around our ears. The internet is a common mode failure in the making - something you can never allow in a design. As SCV said earlier a couple of EMP's and we are toast. Another way to look at it is several car manufacturers are shut down because of a chip shortage - one key component can stop everything.

- A key bridge failure can seriously affect transcontinental shipping, a pipeline can disrupt fuel supply, etc, but what of the data transmission grid that moves phone, message, and data traffic - what is that vulnerability?

1) Many (most?) of these attacks come from foreign countries. Makes prosecution difficult.

2) I think the data at issue here was Colonial's own data.

3) Is there an alternative?

4) Correct.

5) Maybe some of them are?

6) Like (3) I don't know if this is possible.

7) There's a vulnerability, but also the system has redundancies.

 

[hUTch2002]

I see your Schwartz is as big as mine!

 

[hUTch2002]

Colonial Pipeline 'will NOT pay $5M Ransom to DarkSide Russian hackers' as Biden Promises 'situation will be under control in next 24 hours': 65% of N. Carolina gas stations are now dry and Charlotte orders residents to 'limit travel'

Colonial Pipeline reportedly has no plans to pay rumored $5 million-plus ransom to Russian hackers who have paralyzed the key gas pipeline, as President Joe Biden vows to get the fuel crisis 'under control' with pressure mounting on his administration to do more.

'We have been in very, very close contact with Colonial Pipeline,' Biden said Wednesday, without offering further details. 'I think you're going to hear some good news in the next 24 hours and I think we'll be getting that under control.'

Critics of the administration are already placing the blame for the fuel shortage squarely in Biden's lap, demanding concrete answers on what his administration is doing to ease the crisis, which entered its sixth day on Wednesday as shortages spread from Baltimore to Florida..

Fight breaks out at NC gas pump amid Russian cyberattack fuel crisis | Daily Mail Online

Interestingly, that $5M probably represents about a third of their costs to get back up and running. They still have to pay to have someone analyze what happened (seems this has already started), update everything so it can’t happen again, probably do some retraining of employees, and more. Plus, I’m sure they hired a PR firm to help with public perception. All in I bet they pay more than $15M due to this attack if they pay that ransom.

 

[hUTch2002]

Not stating a position, I’m just asking the question...

View attachment 367756

What’s even better but got much less publicity...CNA, one of the largest Cyber insurance providers, got hit with a ransomware attack and their system was entirely shut down for a month! No emails, no policies issued, no quotes, they couldn’t do anything. Quite ironic.

 

[allvol123]

It points out several things that have been obvious to anybody with a brain.

- Nobody takes white collar crime seriously enough. The penalties need to include life sentences and the death penalty even if no life is taken literally by the criminal - too many lives are destroyed by them for a slap on the wrist.

- There needs to be a new stance on corporate liability when corporations fail to secure data belonging to others - liability with actual fangs so bad that companies would think twice about collecting and storing your information

- Connecting and controlling power grids, fuel pipelines, traffic management (rail, car, air) using the internet is stupid - criminally stupid

- Nobody is apparently immune from hackers - not our government and military, not Iranian bomb makers, and certainly not the people who maintain records about you and your money

- Hackers need to be destroyed - eradicated like bugs when they crop up

- There needs to be at least two Internets - one that we use and a "hardened" one that would survive if an enemy brings things down around our ears. The internet is a common mode failure in the making - something you can never allow in a design. As SCV said earlier a couple of EMP's and we are toast. Another way to look at it is several car manufacturers are shut down because of a chip shortage - one key component can stop everything.

- A key bridge failure can seriously affect transcontinental shipping, a pipeline can disrupt fuel supply, etc, but what of the data transmission grid that moves phone, message, and data traffic - what is that vulnerability?

Agree with the penalty suggestions.

They should actually be treated as agents of war and executed on the spot. Messages need to be clear for anyone willing to participate in these ventures, in the future.

 

[volfanhill]

Thread.

It's not uncommon for hacker groups to go dark after a big score. They will be back with a different name soon.

 

[Grand Vol]

It's not uncommon for hacker groups to go dark after a big score. They will be back with a different name soon.

I figure the Biden fluffers will try to claim he's responsible for the "retaliation."

 

[AM64]

Agree with the penalty suggestions.

They should actually be treated as agents of war and executed on the spot. Messages need to be clear for anyone willing to participate in these ventures, in the future.

I's extortion - no different in concept than when the mafia collection agents show up at mom and pop's diner to collect the weekly protection fee. Extortion on this scale is just bigger and safer - the safer part needs to be taken away from them.

 

[AM64]

1) Many (most?) of these attacks come from foreign countries. Makes prosecution difficult.

2) I think the data at issue here was Colonial's own data.

3) Is there an alternative?

4) Correct.

5) Maybe some of them are?

6) Like (3) I don't know if this is possible.

7) There's a vulnerability, but also the system has redundancies.

1 - Perhaps the internet crossing national boundaries is a mistake. Nations have laws and enforcement. I'm certainly not ready to go to global laws and enforcement.

2 - True. Still doesn't the threat apply to any company holding private data. Only when corporate officers themselves are faced with real penalties for breach of our data on their equipment, will you see serious security - or they decide they don't actually need our data.

3 - We operated with regional power grids for many years before the internet. In fact, we did all kinds of stuff successfully without the internet. I like the internet; it's convenient, and I love the ability to conduct research; but the whole concept has deteriorated into one big tar baby. You control technology or it controls you - and we as humans don't seem to be managing the internet well.

5 - Hope so. I've had my own thoughts about how to destroy equipment when a robocall comes in. You answer - it's one - press 5 for extinction. Amazing how the feds can't do anything about it while trying to convince us all the other stuff they can do. Of course, if you could actually remotely destroy a robocall system, you'd probably be a right wing terrorist according to the feds.

6 - Does the system really have redundancies? Sure you can reroute around hubs, and the Mississippi railroad bridges are still standing and planes can fly over, but you realize how few highway bridges there actually are -especially in the lower Mississippi where it's wider. Many of those bridge structures carry pipes and cables besides cars. We are far more dependent than we've ever been for transportation of goods because we don't have distributed manufacturing. Sometimes what makes sense in a corporate office when things are going great and easy profits are there for the taking makes absolutely no sense in a compromised environment - we've made ourselves an easy target.

 

[508mikey]

not a pipeline but yet another Russian ransomware attack Meat producer ransomware attack disrupts global production Goobers better hoard meat now

 

[McDad]

not a pipeline but yet another Russian ransomware attack Meat producer ransomware attack disrupts global production Goobers better hoard meat now

Willing to trade some shopping bags full of gas for Ribeyes. hmu if interested.

 

[Orangeburst]

Willing to trade some shopping bags full of gas for Ribeyes. hmu if interested.

Diamond Jims or Mr Foley meat?.

 

[VolStrom]

Willing to trade some shopping bags full of gas for Ribeyes. hmu if interested.

I've heard that the meat industry was heavily dependant on Windows 98, this is just conformation. We are under attack!

 

[Tyler Durden]

not a pipeline but yet another Russian ransomware attack Meat producer ransomware attack disrupts global production Goobers better hoard meat now

Another reason to switch to a plant based diet

 

[PEPPERJAX]

Another reason to switch to a plant based diet

That sounds like a good idea until Russian hackers disrupt production at tofu burger factories.