Black Hat: We Should Have Seen The Colonial Ransomware Attack Coming
Few need to be reminded of the fears that the Colonial Pipeline hack caused in May of 2021, in which airlines scrambled to keep their planes fueled for long-haul flights and Americans across the eastern seaboard panic-bought gas in expectation of supply disruptions.
The severity of the Colonial Pipeline attack was a wake-up call for cybersecurity industry leaders, government officials and the media. But speaking at the Black Hat Briefings conference last week, Kim Zetter, an award-winning cybersecurity journalist, said that the private sector and the federal government should have seen the attack coming.
Zetter, whose 2015 book Countdown to Zero Day provided the most thorough accounting to date of the Stuxnet worm attack on Iran’s nuclear enrichment facility at Natanz, used a keynote speech at this week’s Black Hat Briefings in Las Vegas to declare the Colonial Pipeline hack “foreseeable,” pointing to countless warnings given by government entities and cybersecurity experts on the high probability of attackers targeting critical infrastructure entities.
25 years of alarms on critical infrastructure cyber risk
And many of those warnings are not of recent vintage. For example, Zetter cited a 1997 warning by U.S. federal government officials about possible cyber attacks on critical infrastructure. In October of 1997, President Clinton’s Commission on Critical Infrastructure Protection emphasized the “increasing vulnerability of control systems to cyber attacks.” The Chairman of this same Commission wrote to the President in the Commission’s report that the “capability to do harm–particularly through information networks–is real (…) and we have little defense against it.”
Colonial’s cybersecurity is the norm, not the exception
Despite that, the state of America’s critical infrastructure has not changed drastically over the past two decades, with the American Society of Civil Engineers giving America’s critical infrastructure a “C-” grade in 2021. The capabilities of cybercriminals have improved as a result of vast advancements made in technology generally. What hasn’t changed over the years is these same criminals’ desire to target critical infrastructure (CI) entities.
In fact, there…