Cybercrime Hits the Pump
Hackers take down a major fuel pipeline
One of the U.S.’s biggest pipeline operators, Colonial Pipeline, disclosed late last week that it was forced to shut down after it was hit by ransomware. It’s a sobering reminder that cybercrime is one of the most serious threats that companies face.
Colonial acknowledged that its corporate computer network had been hit, crippling the company that supplies 45 percent of the East Coast’s fuel. (A criminal gang known as DarkSide was identified as the perpetrator.) While the shutdown, now in its third day, hasn’t yet had a major impact on the markets for gasoline, diesel or jet fuel, analysts warned prolonged downtime could lead to higher gas prices as demand rises when the economy fully reopens. Colonial declined to say when it would restart operations.
Cybercrime is on the rise. U.S. officials note that the frequency and sophistication of ransomware attacks has soared in recent months, targeting police departments, hospitals and manufacturers. Companies are often reluctant to reveal much information about these attacks, making the scope of hacks difficult to gauge; last year, a ransomware attack took an unnamed natural gas facility offline for two days, according to a vague statement from the government at the time. The attack on Colonial comes months after news of the hacking of the network services provider SolarWinds, which Russia has been accused of orchestrating.
The Biden administration is weighing how to respond. The White House had already been planning an executive order to create new digital safety standards for federal agencies and contractors, as well as new disclosure rules. Government officials have conceded that the order as currently planned wouldn’t stop the most skilled hackers from infiltrating computer networks, though they say it might have helped prevent hacks like the Colonial incident. In the meantime, the Department of Transportation passed an emergency order yesterday relaxing rules on transporting fuel via road in some states.
This latest attack highlights the vulnerability of infrastructure to cyber attacks. President Biden’s $2 trillion infrastructure spending plan doesn’t have a lot to say about cybersecurity specifically, so how to protect these projects from attacks could become yet another point of contention in the already heated debate over the bill.
HERE’S WHAT’S HAPPENING
New warnings about how the coronavirus spreads. U.S. officials acknowledged that the virus is airborne and can reach people more than six feet away, raising questions about how employers can redesign offices to reduce the spread. Still, Dr. Anthony Fauci said he was open to relaxing indoor mask mandates — so long as Americans continue to get vaccinated.
1MDB sues JPMorgan Chase and Deutsche Bank. The failed Malaysian sovereign fund sued 25 individuals and nine entities, a list that includes the two Western lenders, Bloomberg reports. It’s the latest fallout from a bribery scandal in which Goldman Sachs admitted last year to a role in abetting crimes.
The fight over unemployment benefits heats up. Friday’s disappointing jobs report stoked debate over whether the Biden administration’s policies are working. Republicans (and some Democrats) argue that the $300 weekly supplement is discouraging people from finding work; others say any clogs in the labor market are temporary.
Investors rebel against executive pay. Shareholder votes in favor of U.S. executives’ compensation have fallen to their lowest level — an average of 88 percent — since 2011, the year that “say on pay” votes became mandatory, The Financial Times reports. So far this year, six S&P 500 companies have failed to win a majority of support for pay packages.
An online cheating scandal is roiling Dartmouth. The school accused 17 medical students of cheating on remote exams. The allegations have caused an uproar at the university — several students say the software was at fault — and highlighted issues around the tracking of students without their consent.