Bad Guys Hacked the National Oil Supply Chain… Now What?
Play • 1 hr 5 min

 

 

When the DarkSide hacking group attacked the Colonial Pipeline, they may have gotten a bit more than they bargained for. Colonial has acknowledged paying $4.4 million in ransom in order to bring their systems back online as quickly as possible. It was a decision they had to make quickly, but had to consider a myriad of variables in the process. Joseph Blount, Colonial CEO stated “I know that’s a highly controversial decision… I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this… But it was the right thing to do for the country,”

 

Pundits everywhere weighed in with thoughts about how long the pipeline could be down, the impact on pricing, shortages of petroleum products ranging from gas to heating fuel. Other questions bubbled up as well. How did the do it? Was it politically motivated? How easy would it be for the next attack? Over the last few days, we have seen some pretty remarkable blowback on DarkSide. Even their fellow bad guys don’t want to play with them any more.

 

So… now what?

 

Matt Stephenson welcomes Duke Energy Technology Manager David Lawrence alongside  Forescout Principal OT Strategist Brian Proctor and Sr Systems Engineer Shawn Taylor for a lively chat about the attack on Colonial and the impact it may have on the worlds of critical infrastructure and operational technology. This isn’t just another academic discussion of security… we have a harmonica! Seriously… we do… check it out!

 

About David Lawrence

David Lawrence is the Tehchnology Manager of the Emerging Tchnology at Duke Energy. There he provides leadership on a portfolio of technologies for the Future Grid, including development of use cases and requirements, architectures and designs, and technology test plans. He works in defining and executing technology evaluations, and providing change management support.  David is currently focused on Grid distributed autonomous functions, edge analytics, and security for distributed technologies.  He has 38 years of experience in the energy industry.  He has worked in research and development and IT management for electric metering, transformer, and switchgear product manufacturing.  His roles included embedded systems and protocol development, engineering management, global engineering information systems, manufacturing execution and scheduling systems, product lifecycle management, and IT management. 

 

About Brian Proctor

Brian Proctor (@brianproctor67) is the Principal OT Strategist at Forescout. He spent the majority of his previous professional life as an ICS/SCADA cybersecurity engineer and cybersecurity team lead working for two progressive California Investor Owned Utilities (IOUs). In joined an ICS security startup which was then acquired by Forescout Technologies. Brian jumped to the vendor side to promote the benefits ICS/SCADA/DCS threat detection, network security monitoring, and visualization capabilities can bring critical infrastructure asset owners. He is passionate about helping the ICS security community in any way possible and trying to make a difference for the greater good of our industry and country.

 

About Shawn Taylor

Shawn Taylor (@smtaylor12) is a Senior Systems Engineer at Forescout. He is an accomplished and well-respected Public Speaker and Systems Engineer. With a strong mix of technical acumen, architectural experience, and sales savvy Shawn is a trusted advisor the customers he's worked with over his 20-year career. His background includes Cybersecurity, Biometrics and Identity Management, IT Operations and Service Management and IT Asset Management.

As a ForeScout Systems Engineer, Shawn expanded his technical knowledge into cybersecurity, while still leveraging his foundation of IT Operations and Service Management. He is responsible for integrating the ForeScout CounterACT solution with many of the industry-leading Cybersecurity products while in support of sales opportunities. Shawn has spoken at industry events around the country and too many online events to list. Additionally, Shawn helps to drive thought leadership around Forescout and continuous visibility being foundational to enterprise ITSM initiatives by authoring White Papers and blogs.

About Matt Stephenson

Matt Stephenson (@packmatt73) leads the Social Media team at Forescout, which puts me in front of people all over the world. Prior to joining Forescout, as the host of the InSecurity I have been talking with experts about every corner of the cybersecurity landscape.

 

In 10 years in the world of Data Protection and Cybersecurity I have toured the world extolling the virtues of Artificial Intelligence and Machine Learning and how, when applied to network security, can wrong-foot the bad guys. Prior to the COVID shutdown, I was on the road over 100 days a year doing live malware demonstrations for audiences from San Diego to DC to London to Abu Dhabi to Singapore to Sydney. One of the funniest things I've ever been a part of was blowing up a live instance of NotPetya 6 hours after the news broke... in Washington DC... directly across the street from FBI HQ... as soon as we activated it a parade of police cars with sirens blaring roared past the building we were in. I'm pretty sure they weren't there for us, but you never know...

 

Whether at in person events, live virtual events or podcasting, I get to interview interesting people doing interesting things all over the world of cybersecurity and the extended world of hacking. Sometimes, that means hacking elections or the coffee supply chain... other times that means social manipulation or the sovereign wealth fund of a national economy.

 

Wherever I go, my job is all about talking with the people who build, manage or wreck the systems that we have put in place to make the world go round...

 

If you are  listener to Insecurity, there’s great news! An all new show is coming bringing the same kind of energy and array of guests you know and love. Best part? We’re still at the spot. You can find it at Spotify, Apple, Amazon Music & Audible as well as, GooglePlay, Gaana, Himalaya, I Heart Radio and wherever you get your podcasts!

 

Make sure you Subscribe, Rate and Review!

More episodes
Search
Clear search
Close search
Google apps
Main menu