top of page

Colonial Pipeline Two Years Later: Have Our Cybersecurity Changes, Changed Enough?

The Colonial Pipeline cyber attack that occurred two year ago (May 2021) had significant implications for both the United States' energy supply chain and national security. Colonial Pipeline is the largest fuel pipeline in the US, transporting around 2.5 million barrels of fuel daily from refineries on the Gulf Coast to the eastern and southern parts of the country. The ransomware attack on the pipeline disrupted fuel supplies and caused gasoline shortages in several states. The pipeline shutdown also caused concerns of fuel price hikes and potential economic damage, as the pipeline's operations and security are critical to the functioning of many industries and consumers.

The cyber attack highlighted the vulnerabilities in critical infrastructure systems and the potential impact of a targeted cyber attack on such systems. It raised questions about the preparedness of the US government and private companies to handle such attacks and the need for increased cybersecurity measures. The incident led to discussions on the role of government regulations and investment in cybersecurity to prevent future attacks and secure critical infrastructure. It also brought to the forefront the issue of ransomware attacks and their increasing frequency, leading to calls for stronger international action to prevent ransomware attacks and hold the perpetrators accountable. Joshua Corman, VP of Cyber Safety Strategy at Claroty, shared how he viewed the incident and what actions it set in to motion for public and private sectors: “As the two-year anniversary of the Colonial Pipeline attack approaches, we need to examine both the strides we’ve made as a community and the work that still needs to be done. While many great initiatives have been put forward, the reality is these attacks are still happening and still pose a serious risk to the US food supply and other areas of critical infrastructure.

The recent cyber attack on Americold that brought its cold storage operations to halt is one such example. With hundreds of temperature-controlled warehouses used for food distribution across North America, Europe, Asia-Pacific, and South America, a long-term disruption of Americold operations could cause significant impact to our food supply.

Depending on the scale and duration of the downtime, there could be widespread food shortages and skyrocketing prices for consumers, which tend to hurt lower income families and communities the most. Additionally, farms and other food suppliers that depend on the continuous movement of goods along the supply chain in order to maintain production could also be affected.

This is a perfect example of why the White House National Cybersecurity Strategy is seeking to rebalance the shared responsibility model between the public and private sector. We need policy and regulation from the government to ensure all food organizations and suppliers are protected from threats. Indeed, Congress is working on the next iteration of the Farm Bill, and it’s shaping up to be one of the years where cybersecurity takes precedent.” ###

bottom of page