Cybersecurity firm: Colonial Pipeline ransomware attack a sign of worse things to come

Listen to this article

Last week’s ransomware attack on the Colonial Pipeline has already had an impact along the East Coast.

The company was forced to shut down all of its systems as a precautionary measure after a Russia-based criminal hacking gang, DarkSide, took over its business operations.

Mike Hawkins, CEO of Allentown-based cybersecurity firm Netizen Corp., said the attack has led to higher gas prices and long lines at pumps in some regions of the Southeast, as Colonial was the major fuel provider to the region.

He said while that is a major inconvenience for the public, and devastating for the company, it could have been much worse. The company was able to shut down its pipelines before the hack could worm its way into those systems, potentially impacting  fuel flow or shutting them down completely.

But, he said, the biggest concern he has is that such attacks are happening more frequently, and next time could be worse.

While the gang claims the attack was financially motivated, Hawkins said it shows how such an organization can attack a country’s infrastructure. If such an attack were made on the power grid, for example, he said it could bring the country to a screeching halt.

If the U.S. were to get involved in a conflict with another country, such as Russia, China or North Korea, he said, remote hacking could be an easy way to win a battle from 10,000 miles away.

“The U.S. needs to be more proactive versus reactive,” he said.

Akhil Handa, COO of Netizen, said such attacks are getting easier for hackers to perform.

“We’re seeing so much of an uptick because much of these ransomware attacks are now automated,” Handa said. “They can just go from one to the next, targeting those that they think will pay.”

Hawkins said the groups are attacking governmental agencies, utilities and other organizations in charge of infrastructure, because they are often in charge of computer systems that are vital and have no choice but to pay hundreds of thousands if not millions of dollars to get their access back.

He pointed to a 2018 ransomware attack on the city of Allentown which ended up costing the city $1 million to fix.

Other recent attacks have been even more serious.

He pointed to a cyberattack on a water system in Oldsmar, Florida where hackers were able to raise a certain chemical in the water remotely, making it poisonous.

Fortunately, before the water got out to the public, an employee noticed the problem and stopped it.

“If they hadn’t seen that it would have been so much worse. It was really plain luck,” said Handa.

Such attacks have also become more frequent at hospitals, putting patients’ lives at risk.

“When you’re talking about life and death you can’t put a price tag on that,” Hawkins said.

Handa said the problem is that so much of the software controlling infrastructure, like pipelines, is outdated and easy to infiltrate once a hacker gets into an overall system.

He said that while his firm gets a large amount of customers after an attack has occurred, governmental entities and companies need to update their systems before an attack to save money and their reputation.

“Until we start bring these into the modern age with new modules and new software, we’re going to be vulnerable,” Handa said.

Hawkins added that the Colonial Pipeline attack showed that even when an attack happens on back office systems “It can get bad really fast.”