IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Colonial Pipeline Is Not a Surprise Event

Really, it is to be expected now and in the future.

Unless you have been hiding under a rock for five days, you have likely heard of the ransomware attack on the Colonial Pipeline that moves liquid fuels from Texas as far north as New Jersey. By some accounts, they provide 40 percent of the fuel for that segment of the market on the East Coast.

While the news has jumped all over the issue about the hack of the company’s technology and the ransom being demanded by a Russian crime organization, the “experts” have all said the same thing — this is not a one-off event.

I think if you had interviewed Colonial Pipeline about their cybersecurity before the attack, they would have given everyone a thumbs up about all the precautions that they were taking to secure their IT systems. I have found that any and all infrastructure owners and operators will say the same type of things about all the processes and procedures that they have in place.

The weakest point in the cybersecurity walls we try to erect are the organization’s people. One errant click on an email, a link or an attachment, and the criminals or nation states are inside the network of the company/organization. Even cybersecurity companies have been hacked!

On the training side of things, I recently did a Disaster Zone podcast on “A New Approach to Cybersecurity Training” for employees. Check it out.

Given the significant threats we do have, it still pays to be doing everything we can do to thwart these types of attacks. For every successful one, there are thousands that are prevented. The challenge is that the attacker only has to be successful one time to get in the back door or even the front door of an organization’s IT system.
Eric Holdeman is a contributing writer for Emergency Management magazine and is the former director of the King County, Wash., Office of Emergency Management.