Date: 2021-05-15

By Marc Arcas

SAN FRANCISCO, California – The cyberattack on one of the largest oil pipeline networks in this country, operated by the Colonial company, highlights the vulnerability of key infrastructures, which in many cases do not keep their systems up to date with the latest security updates and anti-plagiarism programs.

The attack, perpetrated by hackers from the Darkside organization, located in Russia, forced the company to stop its operations for five days, which caused fuel supply shortages in much of the southeastern US, since Colonial supplies 45% of the consumption on the east coast of the country.

“This attack shows that there are serious vulnerabilities in one of the most critical sectors of the economy: energy supply,” explains Michael Greenberger, professor of law and director of the Center for Health and National Security of the University of Maryland.

According to Greenberger, most of the infrastructure used by Colonial is old and the information and control systems are primitive, with software that is already out of date, something that does not happen only at this company but is a common problem among the rest of the country’s energy suppliers.

An outdated system

His colleague Randy Magiera of Tulane University goes even further: he believes that software obsolescence reaches even government entities, and recalls how, until just a few years ago, the Department of Defense managed nuclear missiles using floppy disks.

Magiera, professor of Information Security and Cybersecurity, points out that the immense majority of cyber attacks that occur are financially motivated, something that was decisive in keeping the Colonial case from going further.

If instead of money the hackers had wanted to manipulate the pipeline and take physical control of it, most likely they would have been in a position to do so.

It was the organization responsible for the attack itself that, in a statement published on Monday, assured that its “only objective” is to earn money, and not to “create problems for society.”

This goal would have been more than achieved, since, according to what Bloomberg published on Friday, Colonial reportedly paid a ransom of five million dollars to the authors of the “ransomware” (the name given to the theft of data and the demand for a ransom under the threat of publishing them).

A widespread problem

“We may not be so lucky next time,” says Brendan Saltaformaggio, director of the cyber forensics innovation laboratory and professor at Georgia Tech University.

Hackers penetrated the system long before the attack was known and spent time familiarizing themselves with it, stealing data, and learning from it. They only decided to make their presence evident when they felt they were ready.

“If these attackers stay on the network for a long period of time, it is easy for them to find themselves on other critical infrastructure networks right now, but we have not yet seen any physical signs of the attack, such as a case of ‘ransomware’,” assures Saltaformaggio.

According to data provided by Microsoft, there are hacker attacks on computer systems an average of 579 times per second (the vast majority of them unsuccessful) and every day 50 million attempts to access user passwords are registered worldwide.

This last point is where, according to all the experts consulted, more progress can be made to prevent attacks, since the vast majority of cybercriminals manage to access systems by deceiving a person.

The human factor

“A very common example is what is called ‘the abandoned USB’, in which a hacker leaves a USB memory stick with malicious software installed in a public parking lot or a place where it is easy for someone to pick it up. And what happens is that this person then uses it on a computer and infects the system,” says Magiera.

Of all the techniques hackers use to betray people’s trust and gain access to the network, the most common is known as “phishing” (something like spoofing), in which a hacker contacts the victim (usually by email or text message) by impersonating a trusted sender.

According to Professor Saltaformaggio, another of the great problems with infrastructure is that on many occasions it was built to last several decades at maximum efficiency, something that can work for the physical part but is unfeasible for the cyber part, which requires constant updates.

“The physical and cybernetic components follow different schedules. How telephones have changed in 30 years!” he concludes.