Collaborate Disseminate
One of the main contributors to the weak security posture of development environments is the complexity and knowledge gap created by the number of tools and services involved in this process. With more than a hundred CI/CD tools to choose from and hun… Continue reading Proliferation of DevOps Tools Introduces Risk
The Transportation Security Administration will for the first time require pipeline operators to meet mandatory cybersecurity requirements in the wake of a ransomware attack that caused a days-long shutdown of the main artery for delivery fuel to the East Coast. The TSA security directive, expected to be released Thursday, requires certain pipeline operators to report hacking incidents to the Department of Homeland Security’s cybersecurity agency within 12 hours, and would levy fines starting at approximately $7,000 on operators for failing to comply with security guidelines, department officials told reporters in a call. DHS officials estimate that the requirements will apply to roughly 100 pipeline companies, including some of the country’s largest operators. The rules signal a shift to the traditional federal approach to pipeline security, which for years has rested on voluntary guidelines that critics said fell short of meeting the threat. A DHS official said the update is “part […]
The post TSA cyber requirements would fine pipeline operators for lax security practices appeared first on CyberScoop.
Continue reading TSA cyber requirements would fine pipeline operators for lax security practices
More news and updates about the Colonial Pipeline ransomware attack, the DarkSide ransomware as a service (RaaS) goes dark on the dark web, and why we still need cybersecurity best practices (regardless of an opinion piece that says otherwise). ** Link… Continue reading Colonial Pipeline Updates, DarkSide Goes Dark, Cybersecurity Best Practices
In what may be a first for watering hole attacks, we’ve now seen an attack that targeted watering holes, or at least water utilities. The way this was discovered is …read more Continue reading This Week in Security: Watering Hole Attackception, Ransomware Trick, and More Pipeline News
When someone talks about “The Grid,” as in “dropping off the grid” or “the grid is down,” we tend to think in terms of the electromagnetic aspects of the infrastructure …read more Continue reading Gassing Up: Understanding the Liquid Fuel Distribution Network
This week Tom and Kevin discuss the Colonial Pipeline ransomware attack, RaaS (Ransomware as a Service), and why ransomware attacks are not going away anytime soon. ** Links mentioned on the show ** Colonial Pipeline Hackers, DarkSide, Apologize, Say G… Continue reading The Colonial Pipeline Ransomware Attack
After a ransomware attack hampered one of the largest pipeline operators in the U.S., the Transportation Department on Sunday issued an emergency directive allowing drivers in 17 states and the District of Columbia to work longer hours to transport fuel. The “regional emergency declaration” is meant to alleviate any disruptions to supply following the security incident at Colonial Pipeline, which the company revealed Friday. While the Georgia-based company normally delivers more than 100 million gallons of gas, diesel and other products daily to customers from Texas to New York, according to its website, the ransomware infection forced a temporary halt to its operations. Colonial Pipeline says it transports some 45% of all fuel consumed on the East Coast. The Transportation Department’s declaration means that truckers carrying gasoline, diesel, jet fuel and other refined petroleum products are temporarily exempt from laws restricting the amount of time they are allowed to be […]
The post US issues emergency declaration following Colonial Pipeline ransomware incident, relaxing transport rules appeared first on CyberScoop.
A cyberattack has temporarily halted operations at Colonial Pipeline, the largest pipeline system for moving gas and diesel products in the U.S., the company said Friday. Colonial Pipeline, which delivers more than 100 million gallons of fuel daily to customers from Texas to New York, said that after learning of the incident on Friday that it “proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations and affected some of our IT systems.” It was unclear at press time Saturday morning who was responsible for the digital intrusion or how long the company’s pipeline operations would be halted. Multiple media reports suggested the incident was a ransomware attack. A Colonial Pipeline spokesperson did not immediately respond to a request for comment. Colonial Pipeline sad it had contacted law enforcement and other federal agencies, and that efforts to restore normal operations were “already underway.” “[W]e […]
The post Cyberattack disrupts Colonial Pipeline, which transports 100 million gallons of fuel daily appeared first on CyberScoop.
Corralling electrons is great and what most of us are pretty good at, but the best projects have some kind of interface to the real world. Often, that involves some …read more Continue reading Hydraulics Made Simple
A few years ago, I worked alongside some oil commodity traders. Environmental concerns aside, I never realized how many parts were required to get the oil out of the ground, not to mention everything else that finally resulted in the production of refi… Continue reading Improving Your Security Posture with the Pipeline Cybersecurity Initiative