Michael M. Santiago via Getty Images via Getty Images
The cyberattack on Colonial Pipeline illustrates how difficult it will be for electric utilities to protect their grids from disruption
, experts say
, even when attacks are primarily targeting information technology (IT) systems.
The Colonial ransomware attack never migrated into the pipeline's operational technology (OT) environment, and the company says the shutdown was a proactive safety measure. That's good protocol, security experts say, though it simultaneously exposes a vulnerability:
"If you have an attack on the IT network, the OT network is going to go down," according to electric utility sector security consultant Tom Alrich.