What actually happened in the Colonial Pipeline ransomware attack? Experts weigh in

National News

(WETM) – The largest fuel pipeline in the United States came back online this week after a ransomware attack forced it to shut down last week.

The pipeline was shut down as a precaution after Russia-based hackers planted “ransomware” in Colonial Pipeline’s computers, according to authorities. The company feared it might spread to other systems, damage the pipeline or create an environmental disaster.

Responding quickly, the company acted out of extreme caution to prevent other problems like potential explosions or more attacks.

“They quickly turned off their pipeline so there weren’t any explosions or leaks. They turned off their system so there wasn’t further damage. They worked with the government and some private companies to make sure that the data that the Russians stole wasn’t useful,” Senior Vice President at the Center for Strategic and International Studies Jim Lewis said.

Experts believe attacks like this will continue happening, even though the government has imposed sanctions against Russia. Preventing a ransomware attack is possible.

“It’s the before they were hacked part that needs a little work because stopping ransomware is not rocket science. There’s some basic things you can do,” Lewis continued.

In a White House executive order, President Biden outlined some key steps Federal Agencies should take to prevent attacks like enabling two-factor authentication, keeping a log of cyber incidents and encrypting important data.

Watch the full interview with Center for Strategic and International Studies Senior Vice President Jim Lewis here:

Copyright 2021 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Trending Now