Colonial Pipeline was using vulnerable, outdated version of Microsoft Exchange

A forensic report on Colonial Pipeline identified vulnerable Microsoft Exchange services as the "most likely culprit" within the company’s IT infrastructure, according to New York Times reporter Nicole Perlroth, though there were several other issues that researchers characterized as an overall "lack of cybersecurity sophistication."

The Cybersecurity and Infrastructure Security Agency warned pipeline operators about potential ransomware attacks in 2020 and offered a number of potential mitigation strategies. The FBI confirmed that it believes the DarkSide ransomware is responsible for the attack. DarkSide is a criminal group with origins in Russia.

Microsoft has published many advisories about the importance of keeping on-premises Exchange servers up to date, because several vulnerabilities are being exploited in the wild. The latest updates were released in April 2021 after a report from the NSA. Exchange Online was not affected by these issues.

Colonial Pipeline took its systems down to contain the threat. Its major pipelines were still down as of Tuesday. The pipeline transports 100 million gallons of fuel each day, including 45% of all fuel consumed on the East Coast. Its products include various grades of gasoline, diesel fuel, home heating oil, jet fuel, and fuels for the U.S. military.

On Monday night, Line 4, which runs from Greensboro, North Carolina, to Woodbine, Maryland, was temporarily operating under manual control while existing inventory was available, the company said.

Source: FoxBusiness
