Pipeline attack a turning point – analyst
A cyber-attack on a major United States fuel pipeline company is likely to prove a turning point that results in countries including New Zealand taking tougher action against ransomware, a security expert believes.
Colonial Pipeline was still battling yesterday to reopen a pipeline that distributes 100 million gallons of fuel each day from Texas to the southern and eastern US following an attack last week by a Russian ransomware gang.
The attack has raised fears of fuel shortages and resulted in higher fuel prices in the US.
US President Joe Biden said during a White House briefing that there was no evidence the Russian Government was involved, but he would be taking up the incident with President Vladimir Putin.
Brett Callow, a threat analyst with Nelson-based cyber-security firm Emsisoft, said there would be implications for New Zealand.
He has advocated for new laws to make it illegal for businesses to pay or facilitate the payment of ransomware demands, saying the only way to stop such attacks was to make them unprofitable.
"I absolutely think this incident will represent a turning point," Callow said. "Governments' response to the worsening ransomware problem has really been underwhelming ... Countries can't have their critical infrastructure, governments, healthcare systems and financial institutions shut down by cybercriminals.
"There has to be a point at which governments decide to take decisive action, and I suspect this will be it."
A study Callow undertook last month, highlighted by the BBC, estimated ransomware was costing between US$42 billion (NZ$58 billion) and US$170B globally.
The US Treasury had begun taking steps to discourage businesses from facilitating ransomware payments before the pipeline attack. It issued a warning in October that insurers and other firms risked violating its regulations if they helped pay off attackers.
NZI, a division of IAG, is one of a few New Zealand insurers that currently offer to cover the payment of ransoms as part of its cyber insurance policies. It has been approached for comment.
Last month a "Ransomware Task Force" backed by Microsoft, Amazon, the FBI and Britain's National Crime Agency released a report that could also tighten the screw. The taskforce did not go as far as calling for an outright ban on ransomware payments but recommended that organisations should be required to disclose any such payments they had made.
It also recommended that cryptocurrency exchanges should be required to comply with anti-money laundering rules.