Security News > 2022 > May > Colonial Pipeline faces nearly $1m fine one year after ransomware attack
Colonial Pipeline is facing an almost $1 million fine for control room management failures after the US Department of Transportation alleged they contributed to the nation's fuel disruption in the wake of the 2021 ransomware attack.
Following the agency's inspection of Colonial Pipeline's control room management procedures and records, it said the company was in "Probable violation" of several pipeline safety rules, including a seeming failure to adequately plan and prepare for manual shutdown and restart of its pipeline system.
The operators of the Colonial Pipeline - which stretches 5,500 miles between Texas and New York, and can carry up to 3 million barrels of fuel per day - reportedly ended up paying $5 million to regain access to their systems.
The vulnerabilities, tracked as CVE-2022-26522 and CVE-2022-26523, allow attackers to escalate privileges, execute code in kernel mode and take complete control of the device.
"Avast is an active participant in the coordinated vulnerability disclosure process, and we appreciate that SentinelOne has worked with us and provided a detailed analysis of the vulnerabilities identified," an Avast spokesperson told The Register.
"We recommend our Avast and AVG users constantly update their software to the latest version to be protected. Coordinated disclosure is an excellent way of preventing risks from manifesting into attacks, and we encourage participation in our bug bounty program."
News URL
https://go.theregister.com/feed/www.theregister.com/2022/05/09/in_brief_security/
Related news
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries (source)
- Duvel says it has "more than enough" beer after ransomware attack (source)
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- JetBrains TeamCity under attack by ransomware thugs after disclosure mess (source)
- Possible China link to Change Healthcare ransomware attack (source)
- Change Healthcare registers pulse after crippling ransomware attack (source)
- BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks (source)
- JetBrains is still mad at Rapid7 for the ransomware attacks on its customers (source)