Security News > 2022 > May > Colonial Pipeline faces nearly $1m fine one year after ransomware attack
Colonial Pipeline is facing an almost $1 million fine for control room management failures after the US Department of Transportation alleged they contributed to the nation's fuel disruption in the wake of the 2021 ransomware attack.
Following the agency's inspection of Colonial Pipeline's control room management procedures and records, it said the company was in "Probable violation" of several pipeline safety rules, including a seeming failure to adequately plan and prepare for manual shutdown and restart of its pipeline system.
The operators of the Colonial Pipeline - which stretches 5,500 miles between Texas and New York, and can carry up to 3 million barrels of fuel per day - reportedly ended up paying $5 million to regain access to their systems.
The vulnerabilities, tracked as CVE-2022-26522 and CVE-2022-26523, allow attackers to escalate privileges, execute code in kernel mode and take complete control of the device.
"Avast is an active participant in the coordinated vulnerability disclosure process, and we appreciate that SentinelOne has worked with us and provided a detailed analysis of the vulnerabilities identified," an Avast spokesperson told The Register.
"We recommend our Avast and AVG users constantly update their software to the latest version to be protected. Coordinated disclosure is an excellent way of preventing risks from manifesting into attacks, and we encourage participation in our bug bounty program."
- US agricultural machinery maker AGCO hit by ransomware attack (source)
- Costa Rica declares national emergency after Conti ransomware attacks (source)
- Lincoln College to close after 157 years due ransomware attack (source)
- Conti Ransomware Attack Spurs State of Emergency in Costa Rica (source)
- Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks (source)
- Engineering firm Parker discloses data breach after ransomware attack (source)
- Higher education institutions being targeted for ransomware attacks (source)
- QNAP alerts NAS customers of new DeadBolt ransomware attacks (source)
- Media giant Nikkei’s Asian unit hit by ransomware attack (source)
- QNAP Urges Users to Update NAS Devices to Prevent Deadbolt Ransomware Attacks (source)