The recent cyberattack on the Colonial Pipeline is being regarded as a "wake-up call" for our nation. While the impact is large, resulting in extended fuel shortages across a large swath of the US, it could have been far worse had the actors targeted the Operational Technology (OT) side of the Colonial network rather than the corporate Information Technology (IT) side. Who could say if this was a trial run with the OT as the next target?
An attack on the OT would be catastrophic, as the actors would be in a position to control not only the flow of oil but also the industrial control systems which protect the pipeline's infrastructure. The FBI regards this attack as "sophisticated," implying that these actors are technically competent and well-funded. Scores of cyber attackers such as these "jiggle the handles" continuously, looking for available paths into the network. In this case, however, it is unlikely that this handle was jiggled by mere chance. While DarkSide has denied intent to disrupt oil operations, this was nonetheless a targeted attack on the most important pipeline operator in the US, and to assume that DarkSide is being completely forthright and conducted this attack merely for ransom could be a drastic miscalculation, especially were the next actor to mimic their approach. Even taking DarkSide at their word, the result was the same as if they had acted intentionally to disrupt the oil supply. As such, we must always fear the worst and realize that even the unintentional consequences of a cyber-attack can be catastrophic. We must prepare accordingly, and protect at all layers of the OSI model.
Included in any defense-in-depth plan to "batten down" the networks that manage our nation's critical infrastructure is the need to protect those communication systems at their most basic layer, that is, the cables used to transport the data. Left unprotected, these cables offer an unlocked door to sophisticated criminals or nation states intent on disrupting our national security or way of life through malicious activities; all they have to do is find the right handle. At Network Integrity Systems, our solutions perform continuous analysis of cables, pathways and points of vulnerability such as manholes, fence lines and equipment cabinets, and look for intrusions that occur as a precursor to a physical cyber-attack (tapping, theft of data) or damage that could degrade network performance or availability.