The TSA is reversing its hands-off approach to overseeing pipeline cybersecurity in the wake of the devastating ransomware attack on critical U.S. infrastructure.
A range of current and former officials and cybersecurity experts say the Colonial Pipeline s ability to avoid a government review underscores how a voluntary, arms-length approach by federal officials over nearly two decades has left key elements of the nation s critical infrastructure at risk.
Tech audit of Colonial Pipeline found glaring problems nownews.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from nownews.com Daily Mail and Mail on Sunday newspapers.
We are constantly assessing and improving our security practices both physical and digital,” the privately held Georgia company said in response to questions from the AP about the audit s findings. It did not name the firms who did cybersecurity work but one firm, Rausch Advisory Services, located in Atlanta near Colonial s headquarters, acknowledged being among them. Colonial s chief information officer sits on Rausch s advisory board.
Colonial has not said how the hackers penetrated its network. How vulnerable it was to compromise is sure to be intensely scrutinized by federal authorities and cybersecurity experts as they consider how the most damaging cyberattack on U.S. critical infrastructure might have been prevented.
Any shortcomings by Colonial would be especially egregious given its critical role in the U.S. energy system, providing the East Coast with 45% of its gasoline, jet fuel and other petroleum products.
Smallwood, a partner at iMERGE and managing director of the Institute for Information Governance, said he prepared a 24-month, $1.3 million plan for Colonial. While iMERGE’s audit was not directly focused on cybersecurity “we found many security issues, and that was put in the report.”
Colonial’s statements Wednesday suggest it may have heeded a number of Smallwood’s recommendations. In addition, it says it has active monitoring and overlapping threat-detection systems on its network and identified the ransomware attack “as soon as we learned of it.” Colonial said its IT network is strictly segregated from pipeline control systems, which were not affected by the ransomware.