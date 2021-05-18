 Skip to content
Do you have adblock enabled?
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Jalopnik)   Remember when Colonial Pipeline shut down last week? Oh but there's more, so much more   (jalopnik.com) divider line
76
    More: Interesting, Pipeline transport, Attack, Colonial pipeline, billing system, Zero Day's Kim Zetter, cyber attack, Colonial Pipeline Co., part of the reason  
•       •       •

2192 clicks; posted to Main » on 18 May 2021 at 1:57 PM (1 hour ago)   |   Favorite   |   Watch    |   share:  Share on Twitter share via Email Share on Facebook



76 Comments     (+0 »)
Log in (at the top of the page) to enable voting.
View Voting Results: Smartest and Funniest


Oldest | « | 1 | 2 | » | Newest | Show all

 
cretinbob [TotalFark] [OhFark]
‘’ 1 hour ago  
i.pinimg.comView Full Size
 
Clarence Brown [TotalFark] [OhFark]
‘’ 1 hour ago  
People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?
 
Fark_Guy_Rob
‘’ 1 hour ago  
How did ransomware attacks work before crypto was a thing?
 
guestguy
‘’ 1 hour ago  
encrypted-tbn0.gstatic.comView Full Size
 
DOCTORD000M
‘’ 1 hour ago  

Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?


Sent an email with an attachment that someone in the company opened, probably.
 
Mr.Uncle.Bill [BareFark]
‘’ 1 hour ago  
Yes, this was mentioned day 1.  Did we expect them to give away the fuel for free?
 
Rapmaster2000
‘’ 1 hour ago  
Biden canceled a crude oil pipeline from Canada to Houston so that means that a refined products pipeline from Houston and Port Arthur to New York had no gas.

I am very intelligent.
 
UltimaCS
‘’ 1 hour ago  
Who could've guessed that allowing private ownership of public utilities would result in sacrifices at the altar of capitalism?
 
Rapmaster2000
‘’ 1 hour ago  

DOCTORD000M: Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?

Sent an email with an attachment that someone in the company opened, probably.


Yep.  Probably a spearfish to an underling that pretended to be the CFO who needs you to read this RIGHT NOW!
 
UltimaCS
‘’ 1 hour ago  

Fark_Guy_Rob: How did ransomware attacks work before crypto was a thing?


iTunes gift cards. Before that, probably cashier's checks.
 
bthom37
‘’ 1 hour ago  
Capitalism functioning as intended.
 
Gubbo [TotalFark] [OhFark]
‘’ 1 hour ago  

Mr.Uncle.Bill: Yes, this was mentioned day 1.  Did we expect them to give away the fuel for free?


Yes, actually.
 
waxbeans
‘’ 1 hour ago  
Explain again why we shouldn't national analyze this bullshiat farking idiots
 
pdieten
‘’ 1 hour ago  
Fark user imageView Full Size
 
waxbeans
‘’ 1 hour ago  

waxbeans: Explain again why we shouldn't national analyze this bullshiat farking idiots


Nationalize*
Stupid voice to text
 
Invincible [BareFark] [OhFark]
‘’ 1 hour ago  
I've no doubt that it started in accounting and is a result of crappy network security but I'm not going to get outraged by this. When one is compromised, unless you can absolutely guarantee an airgap between systems, you shut them all down. Of course the alternative headline is that Colonial had been pumping oil for weeks without having any visibility into where or to who and now have to answer to regulators.
 
munko
‘’ 1 hour ago  

UltimaCS: Fark_Guy_Rob: How did ransomware attacks work before crypto was a thing?

iTunes gift cards. Before that, probably cashier's checks.


Click the link to see my boobs @notarussian.com
 
Cornelis de Gyselaer
‘’ 1 hour ago  

UltimaCS: Fark_Guy_Rob: How did ransomware attacks work before crypto was a thing?

iTunes gift cards. Before that, probably cashier's checks.


Bearer bonds
 
hissatsu [recently expired TotalFark]
‘’ 1 hour ago  

Clarence Brown: Any info on how they hacked it?


thesslstore.comView Full Size


/Farking Cosumer screwed everything up by clicking that link!
 
NewportBarGuy [TotalFark] [OhFark]
‘’ 1 hour ago  
Can we just put everyone involved into a woodchipper? All of them?
 
Braggi
‘’ 1 hour ago  
If they stopped putting Biden in charge of computer security at Colonial Pipeline we wouldn't have these problems.
 
JesseL
‘’ 1 hour ago  

Fark_Guy_Rob: How did ransomware attacks work before crypto was a thing?


iTunes gift cards.
 
New Rising Sun
‘’ 1 hour ago  

Fark_Guy_Rob: How did ransomware attacks work before crypto was a thing?


Prepaid cash cards or other similar things, presumably followed by some form of money laundering.
 
WithinReason
‘’ 1 hour ago  

DOCTORD000M: Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?

Sent an email with an attachment that someone in the company opened, probably.


Thats how they catch people at DISA during thier random internal security checks. Like a 30% failure rate of people clicking a link that almost says "this is a virus, do not click".
 
Mad_Radhu
‘’ 1 hour ago  

Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?


This was made out to be a sophisticated hack that threatened national security, but the more I read about it the more it seems like some script kiddies just lucked into a company with crappy IT and poor employee training.  The severity of the attack is more due to how negligent most companies are in how little budget and support they provide for IT security.

Hell, my company is pretty guilty because they just moved a bunch of systems to Microsoft 365 and Azure without requiring 2FA for employee logins due to the difficulty in getting field employees set up with authentication. It's maddening that even an easy win like that is so hard to implement because they don't want to risk losing sales if some of the employees are locked out of their accounts because they can't authenticate.
 
Private_Citizen
‘’ 56 minutes ago  
Hey Colonial:
Fark user imageView Full Size
 
TheGreatGazoo
‘’ 56 minutes ago  

Fark_Guy_Rob: How did ransomware attacks work before crypto was a thing?


They weren't a thing.

Generally worms and viruses just deleted data or cause other obnoxiousness.

And yes, the US government has an awesome track record of not getting hacked. Oh wait, except the Office of Personnel Management and the other hundreds of attacks on the Pentagon and NASA.
 
FarkingChas
‘’ 55 minutes ago  
I do hope there are many law suits against this company. But the CEO may get away with all his money intact :(
 
Bertuccio
‘’ 55 minutes ago  
The fuel pump at work was out for service so they just stopped providing fuel wrote down how much we took and charged us.

How do these people survive?
 
PunGent
‘’ 54 minutes ago  

Mr.Uncle.Bill: Yes, this was mentioned day 1.  Did we expect them to give away the fuel for free?


No, we expected them, and the U.S. Chamber of Commerce, to continue to lobby Congress to be exempt from rational cybersecurity requirements, as they've done successfully since at least 2012.

/they spent more on lobbying than basic cybersec would've cost
//thanks, John McCain :/
///ironically, Susan Collins was on the correct side of this issue
///she's still a POS, though
 
waxbeans
‘’ 54 minutes ago  

Mad_Radhu: Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?

This was made out to be a sophisticated hack that threatened national security, but the more I read about it the more it seems like some script kiddies just lucked into a company with crappy IT and poor employee training.  The severity of the attack is more due to how negligent most companies are in how little budget and support they provide for IT security.

Hell, my company is pretty guilty because they just moved a bunch of systems to Microsoft 365 and Azure without requiring 2FA for employee logins due to the difficulty in getting field employees set up with authentication. It's maddening that even an easy win like that is so hard to implement because they don't want to risk losing sales if some of the employees are locked out of their accounts because they can't authenticate.


Correct. But. Why is it places will let stop sales because the registers are down.
One exception a liquor store in DFW they didn't let that stop them they even use one of those old time physical card swiping carbon paper things to complete the sale.
 
emersonbiggins
‘’ 53 minutes ago  

FarkingChas: I do hope there are many law suits against this company. But the CEO may get away with all his money intact :(


It's 2021 and there is still an Equifax.  There's your answer.
 
backhand.slap.of.reason
‘’ 51 minutes ago  
So they held America for ransom because they had opened themselves up to a ransomware attack?  And the media is just getting this now after a week of saying that pipeline infrastructure itself had been attacked?  Ugh.
 
IlGreven
‘’ 51 minutes ago  

Rapmaster2000: Biden canceled a crude oil pipeline from Canada to Houston so that means that a refined products pipeline from Houston and Port Arthur to New York had no gas.

I am very intelligent.


And thus you, Mr. Central Florida Retiree, must hoard all the gas you can because tomorrow the price will spike to over $5.00 per gallon!
 
fsbilly
‘’ 50 minutes ago  

Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?


My guess:
Fark user imageView Full Size
 
StatelyGreekAutomaton
‘’ 50 minutes ago  

Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?


Given that their solution to what seems to have been just a financial breach, was to cause a nationwide gas shortage, I dunno if Colonial is any less amateur than the hackers
 
Grungehamster
‘’ 50 minutes ago  
If this impresses you, check out how the oil companies reacted to oil prices going negative at the start of COVID shutdowns: not cost effective to shut down the well and reopen it later, costs too much to store it, time to set this stuff on fire.
 
UltimaCS
‘’ 50 minutes ago  

munko: UltimaCS: Fark_Guy_Rob: How did ransomware attacks work before crypto was a thing?

iTunes gift cards. Before that, probably cashier's checks.

Click the link to see my boobs @notarussian.com


Guy who doesn't believe anything our US intelligence agencies reported on Russia says what?
 
foo monkey
‘’ 49 minutes ago  

Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?


Last place I worked, the CFO would leave his computer and door unlocked. Just get up and go home. Start there.
 
I Love You You Pay My Rent
‘’ 48 minutes ago  

Braggi: If they stopped putting Biden in charge of computer security at Colonial Pipeline we wouldn't have these problems.


Hunter is a gas industry expert.
 
Gubbo [TotalFark] [OhFark]
‘’ 48 minutes ago  

foo monkey: Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?

Last place I worked, the CFO would leave his computer and door unlocked. Just get up and go home. Start there.


That sounds like work. Honestly, the email or usb in the parking lot is far far easier.
 
disaster bastard
‘’ 48 minutes ago  

Rapmaster2000: I am very intelligent.


Homer Simpson I Am So Smart
Youtube wv4eTE0aUiQ
 
fsbilly
‘’ 48 minutes ago  

hissatsu: Clarence Brown: Any info on how they hacked it?

[thesslstore.com image 753x321]

/Farking Cosumer screwed everything up by clicking that link!


Hmmmm... Is that costumer, consumer or customer?
 
Mad_Radhu
‘’ 44 minutes ago  

waxbeans: Mad_Radhu: Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?

This was made out to be a sophisticated hack that threatened national security, but the more I read about it the more it seems like some script kiddies just lucked into a company with crappy IT and poor employee training.  The severity of the attack is more due to how negligent most companies are in how little budget and support they provide for IT security.

Hell, my company is pretty guilty because they just moved a bunch of systems to Microsoft 365 and Azure without requiring 2FA for employee logins due to the difficulty in getting field employees set up with authentication. It's maddening that even an easy win like that is so hard to implement because they don't want to risk losing sales if some of the employees are locked out of their accounts because they can't authenticate.

Correct. But. Why is it places will let stop sales because the registers are down.
One exception a liquor store in DFW they didn't let that stop them they even use one of those old time physical card swiping carbon paper things to complete the sale.


It depends on how good the corporate operations team is. We have a whole binder devoted to how to process sales if the system goes down for our stores.
 
mr0x
‘’ 43 minutes ago  

Fark_Guy_Rob: How did ransomware attacks work before crypto was a thing?


Isn't most of stolen crypto frozen?

The thief can't use it without revealing their identity. The owner can't access it because don't have the keys and no way to revert the ownership back without the thief signing off. So, it just sits there.
 
Mad_Radhu
‘’ 42 minutes ago  

WithinReason: DOCTORD000M: Clarence Brown: People keep saying that these hackers were in over their heads, but, if so, that must mean Colonial has shiatty protection on their billing system.

Any info on how they hacked it?

Sent an email with an attachment that someone in the company opened, probably.

Thats how they catch people at DISA during thier random internal security checks. Like a 30% failure rate of people clicking a link that almost says "this is a virus, do not click".


The Future of Sebben & Sebben | Birdgirl | adult swim
Youtube iyaWqVwxAek
 
Kattungali
‘’ 41 minutes ago  

pdieten: [Fark user image 600x327]


<sarcasm>
Impossible - it's a private company and I've been assured that incompetence only occurs in government organizations!
</sarcasm>

Seriously though - I've worked in government and for the private sector.  The only difference in competence is that with the government everything is public.   With private companies, most stuff like this gets swept under the rug.
 
Representative of the unwashed masses
‘’ 41 minutes ago  
So the pipeline company shut in the pipeline while it fixed it's accounting systems from a ransomware attack. There was plenty of product available for normal distribution but it's their fault that idiots were filling every liquid holding device and hoarding creating an artificial shortage?

they make money by billing the companies who want to move fuel through their infrastructure. Part of that is being able to bill properly.
 
Tr0mBoNe [TotalFark]
‘’ 40 minutes ago  
You would think insurance would cover that kind of thing until you consider the rank incompetence that lead to the situation and that most insurance companies will laugh you out of town in that case.
 
Tr0mBoNe [TotalFark]
‘’ 39 minutes ago  

Kattungali: pdieten: [Fark user image 600x327]

<sarcasm>
Impossible - it's a private company and I've been assured that incompetence only occurs in government organizations!
</sarcasm>

Seriously though - I've worked in government and for the private sector.  The only difference in competence is that with the government everything is public.   With private companies, most stuff like this gets swept under the rug.


Why do you think government loves contracting everything out?
 
Displayed 50 of 76 comments


Oldest | « | 1 | 2 | » | Newest | Show all


Log in (at the top of the page) to enable voting.
View Voting Results: Smartest and Funniest

Redisplay/refresh comments
 
If you're having problems voting, quoting, or posting comments, try disabling any browser add-ons that might disable Javascript (NoScript, AdBlock, etc). See our FAQ.
 
   Forgot password? Create an account to make comments
  Use HTML Buttons
If you can see this, something's wrong with your browser's CSS support. (Or you're a spambot.)
 
Before adding a comment, please take a minute to review our posting rules and our legal/privacy policy.
By commenting, you agree to these terms. You might also want to take a look at our FAQ.

Continue Farking

If you like these links, you'll love

TotalFark

Come on, it's $10 a month, just do it.

learn more | sign up
On Twitter

  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.