govciooutlook
Sign In

Subscribe to our Weekly Newsletter to get latest updates to your inbox
OCTOBER - 20228GOVERNMENT CIO OUTLOOKIN MYOPINIONSECURING AMERICA'S ENERGY INFRASTRUCTURE IN THE 21ST CENTURYSteve Westly, Managing Partner, The Westly GroupByhe Recent Colonial Pipeline Attack has proven there is no greater threat to our national security than protecting America's energy infrastructure. The FBI has identified DarkSide, a Russian ransomware group, for hacking Colonial, one of the largest US fuel pipelines transporting 100 million gallons of fuel daily along the Eastern United States. Darkside stole nearly 100 gigabytes of data over 2 hours from Colonial's network and extorted about 75 bitcoin­roughly $4.4 million.The Department of Homeland Security's Transportation Security Administration (TSA) announced a new Security Directive that requires critical pipeline owners to report cybersecurity attacks to the TSA and to review their current cyber practices and procedures. While this is a step in the right direction, we need to do more to protect America's most important resource: the free flow of energy.The recent Colonial Pipeline and SolarWinds cyberattacks have allowed Russian hackers unprecedented access to federal government systems and reveal how vulnerable our nation's critical infrastructure is. The US currently has no centralized tracking system, no centralized cybersecurity policy, and no process for providing rapid alerts when the problems began. The U.S. needs a centralized and proactive approach to monitor, detect, and prevent cybersecurity attacks. It is important to understand that our nation's energy companies need to protect two main attack surfaces: Information Technology (IT) and Operational Technology (OT) systems. IT systems deal with the flow of information while OT systems manage the physical control of machines and hardware. Fortunately, DarkSide only targeted Colonial Pipeline's IT systems for ransom. Attackers could have easily gained control of the pumps and valves along the 5,500-mile pipeline causing catastrophic damage. A similar OT system attack happened in Florida earlier this year where TSteve Westly
< Page 7 | Page 9 >