windywave wrote:
gofigure wrote:
Nutella wrote:
gofigure wrote:
Nutella wrote:
I understand the primary reason they shut down the pipeline is that they were unable to
bill customers. I consider you to be a reliable source and not a fanatic crap shooter. If the above has some truth I am only more intrigued. There is a capitalist/business/it's all about the viability of our profit stench to this. An odor somewhat like that of the public utility freezing fiasco down in Texas earlier. $5Million paid but why was the pipe closed? If the bad guys were actually Robin Hood "good guys only looking for money then how unsafe was continued operations? More questions than answers so far. It was confirmed on CNN. Kim is a very legit reporter on cyber security issues. She has been on that beat for decades. https://twitter.com/...923544753872896?s=20 Edit: NYT also confirmed it
https://www.nytimes.com/2021/05/13/technology/colonial-pipeline-ransom.html
Quote:
because it had no way to bill customers with its business and accounting networks offline.
Not at all knowledgeable about business, but let me try. Accounting goes offline. step 1. open a drawer, pull out a ledger book make entries such as date, amount, to whom, and cost. At the end of the billing period, step 2. pull out ledger type up a bill and put it in the mail box.
So we had this fiasco because book keeping was not backed up? Tell me it's not so Joe!
You're thinking strictly from an operational standpoint and not security.
Could they manually do accounting sure. Could they manually run the pipeline eventually, sure with increased risk since the automated portions and sensors would be offline.
But knowing someone is inside your system and the systems are linked (or even if they're not since you don't know how they got in) you're not running your pipeline that could cause severe environmental or economic damage if the hackers over-pressurized it or somehow caused a rupture or spill.
What's worse PR, a bunch of whining anti-capitalists who hate pipelines to begin complaining about how the greedy pipeline company didn't run the pipeline because they couldn't bill, or millions of gallons of petroleum being spilled into a river or a pipeline blowing up?
You and I are both dealing in a bit of conjecture here. I for one am in way over my head but that hasn't stopped me before.
That said, In the pursuit of the wouldas and couldas and options not taken, at what risk does manual ops present over automatic? Normal operation per annum shows how many remotely sensored alerts and how often did they alert that then caused system shutdowns or automatic workarounds. Or how much more real is the possibility of accidental discharging if operated in a manual mode? More importantly, does Colonial even have and Emergency Plan that spells out a manual operation and have they practiced it.
As for PR, I say a ballsy but measured response would be to move seemlessly to a manual mode, alert the governments, fed and state, so the government Cyber boys get to work on your problem. Tell your clients of the hack and assuming you and they have no sensitive or personal problem with skeletons in closet within that data, you then beat your chest proudly braying to the hackers and the public that you will not be beaten and look here our gasoline continues to flow and we will not be bullied or defeated or held for ransom. That could be good PR too, isn't that right Tom. The NYT and FOX would both run with that story, the crooked foreign hackers tried but they didn't shut us down.
I think if you were the CEO of Colonial and you had confidence in your team, flipping the bird to the hackers tack might have an appeal to it. You had us going to war in the gulf a few days back, taking on the greens and showing them we can pump without spilling, all the while telling the hacks that they can have that useless IT system data for free and you are moving on with a different and more secure network is just a walk in the park.
Quiet idle day at home for me is a fine devils workshop. Not quite Barry level but working to get there.