Criminals Hacked the National Oil Supply Chain… Now What?

When the DarkSide hacking group attacked the Colonial Pipeline, they may have gotten a bit more than they bargained for. Colonial has acknowledged paying $4.4 million in ransom in order to bring their systems back online as quickly as possible. It was a decision they had to make quickly, but had to consider a myriad of variables in the process. Joseph Blount, Colonial CEO stated “I know that’s a highly controversial decision… I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this… But it was the right thing to do for the country,”

Pundits everywhere weighed in with thoughts about how long the pipeline could be down, the impact on pricing, shortages of petroleum products ranging from gas to heating fuel. Other questions bubbled up as well. How did the do it? Was it politically motivated? How easy would it be for the next attack?

Over the last few days, we have seen some pretty remarkable blowback on DarkSide. Even their fellow bad guys don’t want to play with them any more.

So… now what?

Matt Stephenson welcomes Duke Energy Technology Manager David Lawrence alongside Forescout Principal OT Strategist Brian Proctor and Sr Systems Engineer Shawn Taylor for a lively chat about the attack on Colonial and the impact it may have on the worlds of critical infrastructure and operational technology. This isn’t just another academic discussion of security… we have a harmonica! Sersiouly… we do… check it out!

About David Lawrence

David Lawrence is the Tehchnology Manager of the Emerging Tchnology at Duke Energy. There he provides leadership on a portfolio of technologies for the Future Grid, including development of use cases and requirements, architectures and designs, and technology test plans. He works in defining and executing technology evaluations, and providing change management support. David is currently focused on Grid distributed autonomous functions, edge analytics, and security for distributed technologies. He has 38 years of experience in the energy industry. He has worked in research and development and IT management for electric metering, transformer, and switchgear product manufacturing. His roles included embedded systems and protocol development, engineering management, global engineering information systems, manufacturing execution and scheduling systems, product lifecycle management, and IT management.

About Brian Proctor

Brian Proctor (@brianproctor67) is the Principal OT Strategist at Forescout. He spent the majority of his previous professional life as an ICS/SCADA cybersecurity engineer and cybersecurity team lead working for two progressive California Investor Owned Utilities (IOUs). In joined an ICS security startup which was then acquired by Forescout Technologies. Brian jumped to the vendor side to promote the benefits ICS/SCADA/DCS threat detection, network security monitoring, and visualization capabilities can bring critical infrastructure asset owners. He is passionate about helping the ICS security community in any way possible and trying to make a difference for the greater good of our industry and country.

About Shawn Taylor

Shawn Taylor (@smtaylor12) is a Senior Systems Engineer at Forescout. He is an accomplished and well-respected Public Speaker and Systems Engineer. With a strong mix of technical acumen, architectural experience, and sales savvy Shawn is a trusted advisor the customers he's worked with over his 20-year career. His background includes Cybersecurity, Biometrics and Identity Management, IT Operations and Service Management and IT Asset Management.

About Matt Stephenson

Matt Stephenson (@packmatt73) leads the Social Media team at Forescout, which puts me in front of people all over the world. Prior to joining Forescout, as the host of the InSecurity podcast I have been talking with experts about every corner of the cybersecurity landscape.

In 10 years in the world of Data Protection and Cybersecurity I have toured the world extolling the virtues of Artificial Intelligence and Machine Learning and how, when applied to network security, can wrong-foot the bad guys. Prior to the COVID shutdown, I was on the road over 100 days a year doing live malware demonstrations for audiences from San Diego to DC to London to Abu Dhabi to Singapore to Sydney. One of the funniest things I've ever been a part of was blowing up a live instance of NotPetya 6 hours after the news broke... in Washington DC... directly across the street from FBI HQ... as soon as we activated it a parade of police cars with sirens blaring roared past the building we were in. I'm pretty sure they weren't there for us, but you never know...