E&E News Feature: Colonial Touts Cyber 'Best Practices.' It Was Still Hacked

May 20, 2021

NEWS 19 MAY 2021


The pipeline company at the center of the most disruptive cyberattack in U.S. energy history says it followed defensive guidelines set by the government and private sector. But a ransomware cyberattack this month still forced Colonial Pipeline Co. to shut down its 5,500-mile system, which supplies nearly half the fuel used along the U.S. East Coast. The weeklong disruption led to panic buying at gas stations and an outcry for more stringent and enforceable cybersecurity measures for the oil and gas industry.

The Assumption: Pipeline operating systems are not an easy target for hackers.

The Reality: A commercial risk remains if a pipeline with a compromised IT system tries to keep operating without the huge amount of data required to manage and fulfill orders and to track and record payments.

What’s Needed: Infrastructure security officials said protecting against such a complex threat calls for the development of a “design basis threat,” a carefully worked-out scenario for assessing a potential attacker’s capabilities and tactics, in light of a network’s most critical vulnerabilities.

“One lesson from the Colonial attack is that pipelines and the generators that depend on them for fuel need a much more realistic assessment of the cyber risks they face”
— Jonathon Monken, Principal, Converge Strategies in E&E News

“There is not an established threat definition process for gas pipelines — each pipeline makes its own assessments and response”
— Jonathon Monken, Principal, Converge Strategies in E&E News

About Jonathon Monken

Jonathon has deep public and private sector experience in the areas of national security, emergency preparedness, risk management, and energy resilience planning.

During the past several years he pioneered programs to build enterprise-level resilience for the utility sector through information sharing, public and private sector integration, and large-scale exercise development and execution. Previously, he served as VP for the U.S. Operations for the Electric Infrastructure Security (EIS) Council where he worked with government and industry to develop best practices and capabilities to improve the resilience of life support infrastructure systems to widespread, long-duration power outages, known as “Black Sky” events.

Jonathon earned a Bachelor of Science Degree from the United States Military Academy at West Point, and holds a Master’s Degree in Business Administration from Northwestern University’s Kellogg School of Management. Jonathon serves in the Army Reserves supporting the National Cybersecurity and Communications Integration Center (NCCIC) at the U.S. Department of Homeland Security. He is a Fellow with the Truman National Security Project.

Media Contact

Adair Douglas