Gas Stations Running Out Of Supply Due To The Ransomware Attack On A Pipeline Company

The ransomware attack on a pipeline company that was perpetrated by a criminal gang which I told you about over the weekend is really starting to cause problems now. Reports are surfacing that gas stations along the east coast of the US are running out of fuel. And while Canada isn’t affected as I type this, that could change. The bottom line is that this is likely the most disruptive ransomware attack that I’ve ever heard of.

I reached out to cybersecurity company Keyfactor (https://www.keyfactor.com/) for their thoughts on this hack and I got two responses back. Chris Hickman, chief security officer for Keyfactor, had this to say:

“There is a side narrative around this story regarding security and critical infrastructure and the need to secure all elements of infrastructure – security cannot be an afterthought but rather needs to be designed and planned at every step. Good security is rarely retrofitted (retrofittable), especially when it comes to IoT devices. It needs to be built in as a core fundamental and planned for to exceed the anticipated lifetime of the product it is securing.”

Mark Thompson, VP of product management for Keyfactor had this to say:

“Even as use cases evolve, applying best practices and avoiding common pitfalls will go a long way in ensuring security is established at design, and sustained through the device lifecycle. Here are three common pitfalls and the actions manufacturers can take to avoid them:

  1. Hardcoding credentials on to the device: A number of IoT devices are inherently limited due to hardcoded credentials – a common outcome when manufacturers embed passwords or shared keys into firmware to help simplify development or deployment at scale. If accidentally leaked, threat actors or individuals without proper authority can access an entire fleet of devices. Ensuring strong mutual authentication between any connected devices or applications within the overall deployment is key.
  2. Unsigned Firmware: A larger number of IoT devices go to market with unsigned firmware. As more devices connect, the need for firmware signing grows. It’s strongly recommended that device makers sign firmware with a tightly controlled code signing certificate that only permits access to authorized individuals; another critical step is to keep an internal audit trail of all code signing activities. Utilizing a trusted public-private key pair is the most effective means to secure device firmware and have the ability to check and verify the device’s signature before booting the device or installing firmware updates.
  3. Weak authentication and encryption: Implementing strong cryptographic keys and algorithms that match the device’s use case applications is critical to hardening its long-term security. Equally important is ensuring sufficient entropy to produce an encryption key; randomness in key generation is a priority through this process.”

The bottom line is that we have now seen how wrong things can go when your IT security isn’t on point. Hopefully companies do what is required to keep their IT infrastructure safe.
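Pitfalls 2 and 3 in the list above (unsigned firmware, and keys generated without enough entropy) can be shown together in a few lines. The following is an added example, not code from this post or from Keyfactor: it assumes Ed25519 as the signature scheme, and the function names, the `release-bot` signer label and the sample image are all hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// ErrBadSignature is returned when an image fails verification.
var ErrBadSignature = errors.New("firmware signature invalid: refusing to install")

// NewSigningKey draws the key pair from the OS CSPRNG (crypto/rand),
// never from a time- or counter-seeded generator.
func NewSigningKey() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// SignFirmware runs on the signing host: detached signature plus an audit line.
func SignFirmware(priv ed25519.PrivateKey, image []byte, signer string) ([]byte, string) {
	sum := sha256.Sum256(image)
	audit := fmt.Sprintf("signer=%s sha256=%s", signer, hex.EncodeToString(sum[:]))
	return ed25519.Sign(priv, image), audit
}

// InstallIfValid runs on the device, which holds only the public key.
func InstallIfValid(pub ed25519.PublicKey, image, sig []byte) error {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, image, sig) {
		return ErrBadSignature
	}
	return nil // a real updater would write the image to flash here
}

func main() {
	pub, priv, err := NewSigningKey()
	if err != nil {
		panic(err)
	}
	image := []byte("constructed sample firmware v1.0") // constructed input
	sig, audit := SignFirmware(priv, image, "release-bot")
	fmt.Println("audit:", audit)
	fmt.Println("genuine image:", InstallIfValid(pub, image, sig))
	tampered := append([]byte{}, image...)
	tampered[0] ^= 0x01 // single flipped bit
	fmt.Println("tampered image:", InstallIfValid(pub, tampered, sig))
}
```

The private key never leaves the signing host, so a leaked firmware image exposes no fleet-wide secret, unlike the hardcoded shared key described in pitfall 1.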

3 Responses to “Gas Stations Running Out Of Supply Due To The Ransomware Attack On A Pipeline Company”

  1. […] by ransomware by an Eastern European based group of hackers. This in turn caused gas stations to start to run out of gas yesterday. And here’s the reason why things are getting back to normal. They paid the hackers according […]

  2. […] the ransomware attack of Colonial Pipelines which took down a major pipeline along the east coast of the US, and in the process severely constrained the fuel supply for millions of Americans? Well, we now […]

  3. […] hackers pwned Colonial Pipeline last month and shut off the distribution of gas along much of the East Coast of the United States, the world woke up to the danger of digital disruption of the petrochemical pipeline industry. Now […]
