After having done the analysis of the Bellingham, WA Olympic Pipeline rupture that killed 3 people for NIST, I expected the Colonial Pipeline hack to be an OT incident affecting the SCADA system and potentially causing pipe leaks or pipe ruptures. However, that does not appear to be the issue in this case. Darkside's malware is IT ransomware with data exfiltration capabilities and was not custom-built for ICS attacks. The issues that occurred with the Colonial Pipeline ransomware attack are not unique to pipelines, as IT/OT convergence is moving critical operational data to IT without the proper controls or visibility. With the hacking of IP networks, there is a need to detect operational changes independent of the OT network, which can be accomplished by monitoring the physics of the process sensors. Control system cyber security and the appropriate integration with IT security need to be stepped up to prevent ransomware IT hacks from causing physical damage and significant societal upheavals.