The Colonial Pipeline is back online with normal operations after a cyberattack shut it down for nearly a week.
The Georgia-based Colonial Pipeline had begun the process of restarting the pipeline’s operations on Wednesday evening. The company warned it could take several days for the supply chain to return to normal.
In a tweet Saturday, the company said since that time it has returned the system to normal operations and resumed service to its markets, including a large swath of the East Coast. Many gas stations continued to lack fuel on Saturday.
Security experts are using the attack as a teachable moment and encouraging businesses to check or re-check their safety systems.
Steven Polunsky is the Director of the Alabama Transportation Policy Research Center. He says it’s important to understand no company is immune from malicious interference.
This includes transportation departments, transit authorities, vehicle manufactures, railroads and truckers to name a few.
“Anywhere that technology is employed, you raise the risk for malicious attacks. They can take a number of different forms," says Polunsky. "They can be online searches looking for vulnerabilities where you interface with the internet. Or phishing where someone comes in through an employee or sends an email that looks innocent but takes you to malware.”
The FBI says ransomware made by a group known as “DarkSide” was used in the cyberattack. Colonial Pipeline said an outside security firm is investigating the incident.
Polunsky says as things get back to normal, there are questions companies need to be asking moving forward to keep safety systems up-to-date.
“Starting with just the basics of what we do when we have software or hardware involved: Is our equipment current? Is the software current? If there are patches to be used, have we applied patches to them?" Polunsky says. "Have we trained our employees for the potential something bad happening? The criminals are really clever with how they do it.”
Polunsky says paying close attention to passwords and policies are some the best ways for companies to safeguard against attackers. Another is “patches” which are ways to close the gaps on safety issues and concerns.