Long lines and dry pumps at gas stations across the Southeast in recent days alerted Americans to the growing threat of cyberattacks on the systems that control many aspects of their lives and safety.
Security experts say the ransomware attack that led to a five-day shutdown of Colonial Pipeline Co.’s lines supplying fuel to 14 states was just the latest of hundreds of such hacks on critical industries in the past year. Meanwhile, recommendations from security watchdogs that would bolster protections against such threats have gone unheeded.
The tightest security would disconnect critical systems from the internet, experts say, as nuclear plants are required to do. And the government could mandate other security protocols rather than make recommendations with no penalties for noncompliance.
“The United States is one of the few countries that doesn’t have any regulation at a national level for cybersecurity for its critical infrastructure,” said Eric Cole, who served on the Center for Strategic and International Studies’ Commission on Cybersecurity during President Barack Obama’s administration and whose book, “Cyber Crisis,” comes out next month.
The number of attacks on companies that provide essential services, from banking and electricity to ambulances and agriculture, has risen steadily over the past decade with more than 250 ransomware assaults launched on U.S. entities considered critical infrastructure in 2020 alone, according to data compiled by Temple University.
Those included railroad systems, courts, jails, police departments, school districts, electric utilities and city halls big and small.
And now, the Colonial Pipeline.
“This is the one people have been warning about for some time, that they could physically incapacitate infrastructure,” Malcolm Nance, a retired Navy counterterrorism intelligence officer of 35 years and author of multiple books on national security, said of the Colonial hack. “Now we need an all-hands-on-deck review of the entire internet-controlled infrastructure of the U.S. – that’s oil, that’s gas, natural gas, water.”
In Graphics: US gas prices rise as Colonial Pipeline reopens after ransomware attack