Blake Dowling: Just when you think hacking couldn’t get worse … gas panic

Colonial Pipeline reboots, but isn't online just yet. Image via AP.

Last week, I went to the first concert in a year.

This week, I spoke at my first luncheon, scheduled in-person staff meetings to restart in June, got all my shots, didn’t wear a mask in Whole Foods for the first time in a year.

Saw the guy at the post office change signs from masks required to masks recommended when picking up the mail for the office.

There is a lot of great news on the pandemic front, but … on the cyber-front, the news continues to worsen.

Surely things can’t get worse than the SolarWinds situation where various government agencies were breached.

Hold my beer, hackers say. (Insert “Airplane” meme here.)

The U.S. fuel pipeline ransomware attack is worse because it is already affecting all of us. There is no hush campaign or sweeping this under the rug.

No Jedi mind trick will undo this one, as lines form in the road this week at most gas stations in North Florida. And the ones that don’t have lines, they are already out of gas.

Just today, I passed four while making my rounds; all were empty with the exception of one with cars spilling into the road.

At least there is toilet paper.

Floridians sure know how to freak out. Panic is in our blood from one (or three) too many hurricanes on top of the lovely pandemic of 2020.

What happened in this attack? Let’s dive in.

Colonial Pipeline manages a 5,000-mile pipeline that delivers almost 50% of the fuel for the East Coast. Last week, it was hit by ransomware.

In a typical ransomware situation, a seemingly harmless email comes in; when it is clicked, a cyberthreat is unleashed that locks the network. In this case, it stole data.

Hackers then demand a ransom. If paid, they give encryption keys to unlock the data. If you do not pay, they threaten to leak the data and let you untangle the mess they created by wiping and reloading from scratch. Depending on several factors, that alone could take days or weeks.

As of this writing, their main hub of operations shows it is offline. However, Colonial resumed the flow of fuel through smaller lines; terminals are running again.

Officials identified the group behind the attack as “Darkside” and just like the SolarWinds attack, suspicion is already pointing overseas to our friends in Moscow.

CNN and other news outlets are already starting to state that they are indeed Russian according to various sources.

As for Florida, there are people hoarding gas and generally making a mess of things.

A lot of our supply (possibly all of it) comes into Florida from the sea through tankers/ports — then direct to the consumer via truck.

To get an insider’s take, I spoke with Alix Miller, senior vice president of the Florida Trucking Association.

Take it away, Alix:

“The Federal Motor Carrier Safety Administration issued a waiver for multiple states, including Florida, allowing fuel truck drivers to work beyond the hours-of-service requirements.

“We are working closely with Florida Departments of Emergency Management and Transportation, both for the pipeline shutdown and in preparation for hurricane season.

“Florida knows how to handle these situations. Also, it’s important to note that most of Florida is not dependent upon the Colonial Pipeline for fuel — we need people to let the process work and not overreact.

“Panic-buying is currently the reason for a fuel shortage in the area — not a lack of supply.”

I have written about ransomware threats for years and conclude every column with how to protect yourself — two-factor authentication, cyber insurance, robust firewall, cyber training, phishing simulations, stop clicking — but more needs to be done.

We need help from the top and Marco Rubio wants a stronger cyberattack response from the feds to start going to bat for us, as these hackers have been after small businesses, schools, municipalities (and just about everyone else) for years.

The SolarWinds and Colonial attacks must serve as a wake-up call — and if it turns out to be another Russian attack, we will know where to apply the pressure.

Be safe out there everyone.

___

Blake Dowling is CEO of Aegis Business Technologies, host of the Biz & Tech Podcast, and preaches the gospel of STOP CLICKING to anyone who will listen. You can reach him at [email protected].