Cybersecurity Alert: More Industries Falling Victim to Cybersecurity Breaches
on May 12, 2021
We can add gasoline and jet fuel pipelines to the growing list of industries that have fallen victim to cybersecurity breaches. On Friday, May 7, 2021, the largest refined products pipeline in the United States was the target of a ransomware attack that shut down a pipeline that transports more than 100 million gallons of fuel daily between Texas and New York.1 The shutdown is expected to have far reaching consequences, impacting many industries that rely on gas and fuel. In addition to the industries that depend on a steady supply of gas and fuel, consumers are already feeling the impact as the lines at gas stations grow and pumps begin to run dry.2
It is not clear exactly how the hackers were able to gain access to the company’s systems, but industrial facilities often operate old, outdated, and unsecured network systems that leave companies vulnerable to cybersecurity attacks. In this case it appears that the company acted swiftly and on advice of trusted partners experienced in handling cybersecurity breaches, but this is not often the case, especially in the industrial sector.3 By shutting down the pipeline systems proactively, this company was likely able to contain the threat and limit the damage to its systems, and as a result, its customers and other industries.
The attack on the pipeline comes on the heels of a cyber-attack on a Florida water treatment facility in February 2021, where a computer linked to the treatment facility started increasing the amount of sodium hydroxide in the water.4 The hacker was able to enter the system through a remote access software platform which had been dormant but was still connected to the system.5 Luckily, an employee at the facility noticed the increase of sodium hydroxide and was able to immediately address the issue before any damage could be done.6
These recent attacks on large and sophisticated companies should be a wake-up call for all companies, regardless of the industry. Being proactive and having a plan in place allows you to act quickly and intelligently which is instrumental in limiting the damage to your company, your clients, and your reputation.
Brouse McDowell’s Business Transactions & Corporate Counseling Practice Group can work with you to review your current data privacy policies. Our Insurance Recovery Group can assist with a review of your cyber policy to help you better understand what type of coverage you have or need to purchase. We also coordinate with the appropriate authorities in the event your business is attacked. Please contact us for more information or to schedule an evaluation.
1 https://www.colpipe.com/about-us/our-company, accessed May 11, 2021; https://www.colpipe.com/news/press-releases/media-statement-colonial-pipeline-system-disruption, accessed May 11, 2021
2 https://www.cbsnews.com/news/colonial-pipeline-ransomware-gas-lines-shortages-price-rises/, accessed May 11, 2021
3 https://www.colpipe.com/news/press-releases/media-statement-colonial-pipeline-system-disruption, accessed May 11, 2021
4 https://www.cnn.com/2021/02/10/us/florida-water-poison-cyber/index.html, accessed May 11, 2021