Photo: Colonial Pipeline Co.
After a ransomware incident, Colonial Pipeline Co. says it has restored smaller pipelines that ship fuel to the U.S. East Coast, but its larger ones are still offline as it assesses safety.
The company ships millions of gallons per day of fuels such as gasoline, heating oil, jet and diesel from refineries in the South to East Coast destinations. The company says smaller lateral lines between terminals and delivery points are now operational, according to an update on Sunday.
Four main lines, however, still are not functioning. Those lines were voluntarily taken offline Friday by the company after it discovered ransomware. The company has not given a timeline as to when full operations will resume (see:
Get Permission
Merger and acquisition activity involving cybersecurity companies continued at a rapid pace in the last two weeks, with Accenture, Forcepoint, OneTrust and the Swedish IT consultancy firm Knowit AB all making acquisitions.
Professional services firm Accentureannounced April 29 it had entered into an agreement to acquire the managed security services provider Openminded.
During the first week of May, Forcepoint announced it had purchased the browser security company Cyberinc, OneTrust revealed its intention to acquire the third-party risk organization Shared Assessments and Knowit AB announced plans to acquire the cybersecurity consulting firm Cybercom.
Accenture Buying Openminded
Accenture s pending acquisition of Paris-based managed security services provider Openminded would be its second cybersecurity deal of the year. It purchased Real Protect in January
Source: Colonial Pipeline
The FBI and the White House confirmed Monday that the DarkSide ransomware variant was used in the Friday attack that caused disruptions at Colonial Pipeline Co., which operates a 5,500-mile pipeline that supplies fuel, gasoline and other petroleum products throughout large portions of the eastern U.S.
The cybercriminal group behind DarkSide ransomware, however, appeared to try to shift the blame for the incident to an affiliated organization in a posting on its darknet website.
Speaking at the White House on Monday, President Joe Biden noted: The Federal Bureau of Investigation has determined Colonial’s network was infected by ransomware, and it’s a criminal act, obviously. The FBI released details of the attack so others can take steps to prevent being infected. My administration . takes this very seriously. We have efforts underway with the FBI and [Department of Justice] - to disrupt and - and prosecute ransomware criminals. And my administration
Exclusive Interview: New HHS ONC Leader on Health Data Security
Compliance
Compliance
Compliance
HealthInfoSec) • May 7, 2021
Micky Tripathi, national coordinator for health IT at HHS
As patients more commonly use smartphones and APIs to access their health information, critical security and privacy considerations need to be top of mind, says Micky Tripathi, the new Department of Health and Human Services national coordinator for health IT. There are real concerns, Tripathi says in a video interview with Information Security Media Group. The challenge that we have is that we are putting into place and encouraging the use of technologies that we believe have an overarching benefit of patients being able to have more access and control over their health information - to use it for purposes that will benefit themselves. But that doesn t mean that there aren t some risks along the way … and
How Patched Android Chip Flaw Could Have Enabled Spying
Compliance
Compliance
Compliance
@prajeetspeaks) • May 7, 2021
(Photo: Shutterstock)
A severe vulnerability in a system on certain Qualcomm chips, which has been patched, potentially could have enabled attackers to remotely control Android smartphones, access users text messages and call histories and listen in on conversations, according to a new report from researchers at security company Check Point Software Technologies. We have no evidence the vulnerability is being exploited, the spokesperson says. For this vulnerability to even begin to work, a device would need to be severely compromised to start with, which would be a bigger problem.