Come for the politics, stay for the snark.

Stop using mental illness to avoid talking about armed white supremacy.

This fight is for everything.

Republicans in disarray!

Black Jesus loves a paper trail.

Today in our ongoing national embarrassment…

The republican ‘Pastor’ of the House is an odious authoritarian little creep.

Is it negotiation when the other party actually wants to shoot the hostage?

Rupert, come get your orange boy, you petrified old dinosaur turd.

I am pretty sure these ‘journalists’ were not always such a bootlicking sycophants.

“What are Republicans afraid of?” Everything.

Prediction: the gop will rethink its strategy of boycotting future committees.

If you tweet it in all caps, that makes it true!

Tick tock motherfuckers!

When I decide to be condescending, you won’t have to dream up a fantasy about it.

… gradually, and then suddenly.

The worst democrat is better than the best republican.

Consistently wrong since 2002

A snarling mass of vitriolic jackals

Many life forms that would benefit from greater intelligence, sadly, do not have it.

Republicans firmly believe having an abortion is a very personal, very private decision between a woman and J.D. Vance.

if you can’t see it, then you are useless in the fight to stop it.

I swear, each month of 2025 will have its own history degree.

A thin legal pretext to veneer over their personal religious and political desires.

At some point, the ability to learn is a factor of character, not IQ.

You are here: Home / Open Threads / Pipeline

Pipeline

by | 61 Comments

This post is in: 

I was looking to see if we’re going to get any oversight or accounting about the Colonial Pipeline hack, and I found this jack off waste of time headline at the AP:

Mein hertz schwimmt im blut at the thought of a former AP exec taking over from Marty Baron at the Post.

Anyway, back to the actual peril from this hack. The National Transportation Safety Board investigates pipeline accidents. I assume they’ll investigate this incident, and I’m looking forward to the report. I hope that we get some oversight of pipelines and other infrastructure because, to put it mildly, hackers shutting down key energy infrastructure is fucked up and bullshit.

Hack attacks like this are battles in a war where nobody dies and nothing blows up, so they seem to be quickly forgotten. If the Colonial outage was the result of a bomb that blew up part of the pipeline, we’d be in the middle of a full-scale freak out, with the National Guard out patrolling, and home state Senators fighting each other to get in front of a TV camera. Instead, I bet it will be a distant memory in a few weeks.

ETA: As John b notes in the comments, Bloomberg is reporting that Colonial paid $ 5 million in cryptocurrency as ransom to Russian or Eastern European hackers.

Reader Interactions

61Comments

  4. 4.

    Cermet

    And you can be fairly certain that the company had custom software that is antiquated, used poor software security, and was likely indifferent to the threat; that we paid huge costs thank’s to their indifference should be reflected in fines they should be hit with. Only in this way will companies pay attention to this critical aspect of their software.

  5. 5.

    Elizabelle

    I disagree.  The hack will not be forgotten, because if it happened to Colonial, it can happen to any number of organizations.  Healthcare, cities and states, all manner of businesses.

    Relieved to have Biden and his sane and competent administration in charge of the response.  I think TFG would have just arranged a cut of the hackers’ ransom proceeds.

    This will be a jobs program for people good with the cyber.

  6. 6.

    Elizabelle

    @germy:   The AP provenance bothers me.  That was Ron Fournier’s perch, for way too long.

    Although:  maybe Marty Baron had a big say in who was chosen to replace him.

  8. 8.

    RepubAnon

    Encrypted data storage and shutting off the ability to use USB storage devices like flash drives has been an IT best practice for many years. Nice to see people running critical infrastructure are thinking about implementing standard security practices from 10+ years ago.

  10. 10.

    Four Seasons Total Landscaping mistermix

    @Elizabelle:

    I disagree.  The hack will not be forgotten, because if it happened to Colonial, it can happen to any number of organizations.  Healthcare, cities and states, all manner of businesses.

    It “can happen”?  LOL.  Check this out:

    https://www.beckershospitalreview.com/cybersecurity/the-new-wave-of-hacking-attempts-hitting-hospitals-6-things-to-know.html

    It’s been happening for a long time  and has been ignored or forgotten.

  11. 11.

    NotMax

    Analogy of exploding physical structure is flawed. The pipeline itself was not targeted, the IT systems of the company which owns and runs it were.

  12. 12.

    The Moar You Know

    I have been telling this to anyone who will sit still for fifteen seconds for at least the last decade:  Americans and American business will not take computer/network security seriously until the day comes when we wake up to find every bank balance in the country is at zero.

    At that point, of course, it will be far too late.

    The reaction to that statement is always nervous laughter, by the way.  Nobody believes it’s possible.  But they know I work in security and they always wonder if I know something they don’t.  Not really.  I’ve just thought it through.

  13. 13.

    Four Seasons Total Landscaping mistermix

    @NotMax:

    Analogy of exploding physical structure is flawed. The pipeline itself was not targeted, the IT systems of the company which owns and runs it were.

    Well, the net effect was the same:  pipeline shutdown and gas shortages.  And it was done remotely without any risk to the perpetrator, unlike a physical attack.

  14. 14.

    The Moar You Know

    speaking of hospitals, since it was bought up, five out of the eight major local hospitals (Scripps chain) in San Diego county are shut down entirely due to a ransomware attack.  All of their associated clinics and doctors as well.   (They all used the same computer network).  Even the cafeterias and coffee kiosks.  This is not breaking news.  This has been the case as of today for TWO WEEKS.  The only reason I know this is because I went to my hospital (not Scripps) this weekend and couldn’t help but notice that there were, for the first time, patients lined up in every hallway and in a tent in the parking lot.  Not from Covid.  They’re just one of the few places where you can get care now in the county.   The staff is exhausted.

    The media has been very cooperative with Scripps and the criminals. Backpaged in every local outlet, crickets nationally.  One of the most populous counties in the United States is teetering on the verge of having no medical care because of a terrorist attack and the media won’t cover it.

  15. 15.

    Cermet

    @NotMax: While true, the pipeline does use pumps that are computer controlled that, hopefully, do not connect via any outside link to main control centers; however, if that is the case it is certainly possible to cause a pipe line to burst leading to many bad scenarios.

  16. 16.

    Tony Jay

    Elections have consequences, it seems. Especially when the elections take place in two rapidly separating countries and one of those countries elected a bunch of fascist wannabe race-baiters.

    tl:dr – Do not fuck with the neighbours of Glaswegians, ever, and especially not on Eid, because sometimes one of your Base-feeding stunts might ‘trigger’ more than you planned for.

  17. 17.

    bbleh

    @NotMax@Four Seasons Total Landscaping mistermix@Cermet:  IIRC, they shut down the control system precisely to avoid “infection” from the systems that were infected.  So the control system shutdown was precautionary rather than caused directly by the attack, but it’s nevertheless a consequence of the attack, and indeed they did fear a spread, which means there are at least some connections.

    And the only practical differences I can see between this and a physical attack is (1) it will be faster to fix and (2) it doesn’t lead to the kind of massive flaming wreckage that is catnip for TV, its duller-witted viewers, and the politicians that come buzzing like flies to sh!t.

  19. 19.

    bbleh

    Also, too, despite the lack of flaming wreckage, the MSM are still trying their level best to turn this into a Giant Unforeseen Catastrophe. It’s apparently working well in some places too, where frantic media coverage has led to panic buying, which the media then descend upon with cameras and helicopters, leading to further panic buying, and meanwhile Wise Political Knowers are writing Heavy Thinkpieces on the political damage this is causing an increasingly vulnerable Biden at possibly the most crucial moment of his presidency yadda yadda.

    Who was it said we will entertain ourselves to death? It’s borderline psychotic …

  21. 21.

    Spanky

    And it bears repeating – constantly – that if you hear “Russian hackers”, the immediate assumption should be that they are state controlled.

  23. 23.

    Matt McIrvin

    @Elizabelle: The Haverhill public school system got hit by a massive ransomware attack recently. They actually had to shut down for a day or two.

  24. 24.

    Miss Bianca

    @Cermet: My pal D said he saw a comment from an inspector who looked at Colonial’s system a few years back and said, “an eighth-grader could have hacked into this.”

  25. 25.

    L85NJGT

    Hot takes, get yer hot takes……

    There is such a thing as ransomware insurance. That may be preferable from a PR and business continuity perspective than taking a multi-week outage.

  26. 26.

    john b

    According to Bloomberg, Colonial paid a $5M ransom to get their data back:

    Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.

    The company paid the hefty ransom in untraceable cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.

    ETA: Well this is embarrassing:

    Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.

  28. 28.

    azlib

    @Cermet:  Amen brother. Network security tends to be pretty lax in many cases. I remember doing security consulting for a certain paper company many years ago. Their control system for a papermill was accessible from the Internet! I told them this was a very bad idea. I hope it got corrected, but who knows.

    I also consulted for a bank which did large wire transfers over unencypted telco trunks. Their IT staff was trying to get this problem solved, but their trading floor objected and said encryption was too expensive.

    You think awareness would be a lot higher these days, but the pipeline fiasco suggests network security is still pretty lax.

  30. 30.

    Baud

    You don’t remember the political peril to Obama when he didn’t immediately fix the Deepwater Horizon leak?

    The media was salivating about this story.

  31. 31.

    Le Comte de Monte Cristo, fka Edmund Dantes

    @The Moar You Know:

    Kill a few dozen hackers every now and then, and this shit stops.

    I picture some greasy, plump neckbeard in a dirty “Han Shot First” t-shirt whining that “it’s just the internet and kind of a hobby that I shouldn’t die for, man” and smile as I imagine the impact of the rounds….

  33. 33.

    Le Comte de Monte Cristo, fka Edmund Dantes

    @john b:

    And the fuckers now have money to develop new hacking tools. Well done, Colonial bean counters, well-fucking done. You saved some money on airgapping critical control functions, and now have cost us all.

    One of the first things that the entire new Colonial board of directors and c-suite team should be doing is unceremoniously throwing all the bean counters and MBAs involved in those decisions roughly into the streets, along with all the shit in their desks. Shatter the vases, coffee cups, plants, awards, etc. with rough handling on the way out. Tell them they’re fucked on refererences, too.

  34. 34.

    L85NJGT

    @john b:

    Restoring from backup is SOP. Sounds like Colonial has an ongoing cluster fuck rather than executing a disaster recovery plan.

    You can plan and practice recovery for outages.

  35. 35.

    catclub

    @NotMax:

    The pipeline itself was not targeted, the IT systems of the company which owns and runs it were.

    Interesting point.  I was previously aware that internet enabled (WHY? WHY? WHY?)  critical infrastructure pipeline control pieces had terrible password control.  Maybe that was not even the problem here. Just that the head office does not know what the pipeline settings are.

    You would think that best practice would be: 1) change default  passwords on those internet enabled valves and pumps.  2) whitelist the network addresses that can log into those valves and pumps.

  36. 36.

    gvg

    There also a bunch of morons on NextDoor trying to blame Biden for the gas shortage and tying it to proposed raising taxes. No amount of facts changes their minds. It’s just a couple but the scream it’s Biden’s fault about everything the notice wrong including local traffic and homeless people. Pretty recent trend. I think it means they now notice Trump lost for real. The seem to be real sourpusses.
    My next door has mostly been lost pets, finding good repairmen and chit chat. Also a couple of dog attacks and fussing about helicopters.

  38. 38.

    opiejeanne

    @bbleh: Meanwhile, WaPo has the most misleading headline this morning, and they’re getting a lot of pushback. The author is Sean Sullivan and it’s a crappy article.

    cs

    Biden administration struggles to limit political damage from gas shortage

  39. 39.

    Le Comte de Monte Cristo, fka Edmund Dantes

    @L85NJGT:

     

    But that costs money that can’t be used to buy C Suite guys a fourth retirement home, a bigger yacht or be used in ways to artificially reflect some mythically increased value for the exercise of promised stock options.

    Where’s the capitalistical free market fun in that?

  40. 40.

    WaterGirl

    @gvg: My NextDoor is filled with pet stuff, good vaccine info and more.  But there are also a bunch of whiners.  “Concern” about schools not being open and mask wearing.

    The latest is “concern” about a residential substance abuse center that is opening up.  A whole lot of “not in my backyard” and the neighborhood property values are going to go to pot.

  41. 41.

    catclub

    @john b: ​
     ETA: Well this is embarrassing:

    >> Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.<<

    I am impressed that their backup system was working. They TELL us they are backing up all the files, but then when you need one the backup recovery often… fails.

  42. 42.

    Le Comte de Monte Cristo, fka Edmund Dantes

    @gvg:

    There also a bunch of morons on NextDoor trying to blame Biden for the gas shortage and tying it to proposed raising taxes. No amount of facts changes their minds. It’s just a couple but the scream it’s Biden’s fault about everything the notice wrong including local traffic and homeless people. Pretty recent trend. I think it means they now notice Trump lost for real. The seem to be real sourpusses.
    My next door has mostly been lost pets, finding good repairmen and chit chat. Also a couple of dog attacks and fussing about helicopters.

    FTFY

  44. 44.

    catclub

    @WaterGirl:   The latest is “concern” about a residential substance abuse center that is opening up. A whole lot of “not in my backyard” and the neighborhood property values are going to go to pot.

     

    Pun intended?

  46. 46.

    john b

    @catclub:

    I am impressed that their backup system was working. They TELL us they are backing up all the files, but then when you need one the backup recovery often… fails.

    To be clear, this detail is not embarrassing for their IT dept., but their execs who thought it the best idea to secretly pay off the hackers when they had a backup that was working as intended. Of course, they should be shamed for their security practices otherwise (but my guess is that this was a corporate decision as well, as most security folks know what is NEEDED, but what is actually implemented falls short of that because of shortsighted execs).

  48. 48.

    The Pale Scot

    The ransomers made a mistake, they should have waited until hurricane season

  49. 49.

    JaneE

    Colonial pays 5 million to buy crypto.  I can only hope its value sank before the hackers tried to spend it.

  50. 50.

    Another Scott

    Oh, WiFi is broken, also too. Android Police:

    Just days after we heard about the Qualcomm vulnerability that could let hackers listen to your calls, a security researcher has brought to light several Wi-Fi vulnerabilities, some of which even relate to the Wi-Fi standard itself. The new findings affect not just your phones, tablets, and laptops but just about any device that uses the technology that wirelessly connects to the internet.

    Belgian security researcher Mathy Vanhoef calls this new set of vulnerabilities “FragAttacks,” — a portmanteau of fragmentation and aggregation attacks. If exploited, they could allow an attacker to steal information over protected networks, inject data packets into data streams, or even cause DoS (denial of service) attacks. While some flaws in the set are hard to abuse, some others are “trivial to exploit.”

    Before disclosing this information to the public, Vanhoef worked with the Wi-Fi Alliance to address the flaws. As a result, a lot of companies including Samsung, Microsoft, Cisco, Intel, Netgear, Synology, and Lenovo, have already released patches for some of their products. Unfortunately, since some flaws have been around since 1997, updating all affected devices isn’t going to be a very seamless process — some companies may not even exist anymore.

    To minimize your chances of being a victim of an attack, Vanhoef recommends you follow general security practices: update your devices, don’t reuse your passwords, make sure you have backups of important data, and don’t visit shady websites.

    If you want to dive deeper into the issue, head over to Vanhoef’s blog for technical information.

    (sigh)

    But it’s yet another reminder – One cannot prove that a system is virus-free. There will always be exploits and failures as long as we have computers.

    Cheers,
    Scott.

  51. 51.

    Mart

    @Matt McIrvin: High School buddy put a code in the computer so the staff had to re-enter their password four times. We went thru the punch tape in the trash and found the password. We went in and deleted the attendance records thinking all hell would break loose. Did not think about manually taking attendance. Messed them up for about two days. Hacking 1975 style.

  53. 53.

    WaterGirl

    @Le Comte de Monte Cristo, fka Edmund Dantes: I won’t totally bash NextDoor because that’s how I learned when the local Health Dept opened up the vaccine to my group way ahead of schedule.

    And it looks super useful if you have lost a pet.

    I also found my current lawn mower that way.

    Other than that, I mostly think “what a bunch of whiny bigots”.

  54. 54.

    WaterGirl

    @Suzanne: Seems like it would be cheaper to have a crack IT staff at the hospital than it would be to pay 5 million or 50 million when the ransomware folks get you.

  55. 55.

    Nora Lenderbee

    It’s been good for my employer (network security). The stock peeked above 20 for only the second time in at least 5 years. My Friskies coupons, aka RSUs, might actually break even some day. So … yay?

  56. 56.

    catclub

    @WaterGirl:

    And it looks super useful if you have lost a pet.

    I also found my current lawn mower that way.

     

    Where did it get to?

  59. 59.

    Ruckus

    @WaterGirl:

    A hard cost against a possible future cost, in the world of “All the Monies Are Mine!”

    An MBA absolutely fixed tenet, Never pay up front unless it’s 1000% impossible not to.

  61. 61.

    The Pale Scot

    @Cermet:

    hopefully, do not connect via any outside link to main control centers; however, if that is the case it is certainly possible to cause a pipe line to burst leading to many bad scenarios.

     

    First the gasoline. He closed sixteen control valves—the nearest of them three kilometers away—and opened ten, which rerouted eighty million liters of gasoline to gush out from a bank of truck-loading valves. The gasoline did not ignite at once. ……. A small truck driving through the loading yard took a turn too fast, skidded on the splashing fuel, and slid broadside into a utility pole. It only took one spark . . . and already more fuel was spilling out into the train yards.

    With the master pipeline switches, Tolkaze had a special plan. He rapidly typed in a computer command, …. The main pipeline from the nearby production field was two meters across, with many branchlines running to all of the production wells. The oil traveling in those pipes had its own mass and its own momentum supplied by pumping stations in the fields. …commands rapidly opened and closed valves. The pipeline ruptured in a dozen places, and the computer commands left the pumps on. The escaping light crude flowed across the production field, where only one more spark was needed to spread a holocaust before the winter wind, and another break occurred where the oil and gas pipelines crossed together

    Red Sorm Rising

Comments are closed.