Prioritizing Energy Security
June 7, 2021
Written By Jon Ihler
Recent news in the energy industry has been dominated by the push to cut carbon emissions. In the second week of May, that debate took a backseat to another issue: the cyberattack on Colonial Pipeline Company.
The Colonial Pipeline, which supplies more than 100 million gallons of fuel per day—including 45 percent of all fuel consumed on the East Coast—was shut down by hackers. Colonial took its 5,500 miles of pipeline offline for several days after cybercriminals locked up the company’s computer systems and demanded ransom. While the hackers didn’t take control of the pipeline’s operations, Colonial did shut down the pipeline to prevent any additional threats.
News of the pipeline’s closure caused panic buying and hoarding. The run on gas created temporary shortages in 11 states. Multiple states declared a state of emergency, supply waivers were granted for conventional and reformulated gasoline blends, and penalty relief was given for off-road diesel usage. Thankfully, our region was unaffected.
Colonial’s lack of cybersecurity sophistication left it vulnerable to attack. A forensic report of the cyberattack noted that outdated digital infrastructure made it easier for the hackers to encrypt the pipelines back-office system and hold its information hostage. Colonial reportedly paid a $5 million ransom to the hackers in cryptocurrency to unlock its computer systems.
As cyberattacks grow more refined and complex, it’s clear that we must prioritize digital security of our infrastructure. At MFA Oil, we began moving our cyber modernization efforts up to the top of the corporate priority list years ago. Vulnerability scanning, remote access, email security, advanced malware protection, multifactor authentication, antivirus, antispam, whitelisting and encrypted data are in place to reduce our risk and protect your cooperative. We realize we cannot eliminate every cyber risk, but we can harden our defenses.
Keeping our network and resources safe requires both investment and effort. Our security team works vigilantly to protect our data and the integrity of our computer systems. We continuously look for ways to improve our ability to detect and prevent breaches. This includes training for our employees to ensure they understand the risks and how to avoid them. Everyone in our organization has a responsibility and role to play in protecting the cooperative. As we’ve seen with the Colonial Pipeline, all it takes is one person clicking a link in a malicious email to give cybercriminals the opening they need to attack.
We fully understand the important role we play in supplying the energy our members and customers count on to run their businesses. As cyber threats become more sophisticated, we will continue to update our systems and security to mitigate any potential vulnerabilities. Staying one step ahead of the hackers is arduous, but it’s also attainable if we don’t lose sight of our goal— protecting the company and your equity.