DHS Cybersecurity Chief Warns That More Ransomware Attacks on Infrastructure Are Likely Following Colonial Attack

May 14, 2021 Updated: May 14, 2021

The head of the Department of Homeland Security’s (DHS) cybersecurity agency warned that following the ransomware attack that shut down the Colonial Pipeline, more and more attacks may hit American infrastructure and businesses in the near future.

Acting Cybersecurity and Infrastructure Security Agency (CISA) Director Brandon Wales made that assertion before the Senate Homeland Security Committee on May 13.

Wales was asked by a senator about whether more ransomware attacks will occur following the success of the Colonial Pipeline hack last week. “That is true,” Wales responded.

“This is potentially the most substantial and damaging attack on U.S. critical infrastructure ever. It shows that cyberattacks can have tangible, real-world consequences,” Sen. Rob Portman (R-Ohio) said during the Homeland Security hearing.

Some lawmakers during the hearing suggested that there need to be more cybersecurity safeguards regarding critical infrastructure controlled by private entities.

“These VADR assessments have proven effective at identifying a wide range of potential vulnerabilities within pipeline systems—some of which have been publicly distilled,” wrote Rep. John Katko (R-N.Y.) in a letter (pdf) to Wales. “Better understanding common security flaws and common misconfiguration issues is in everyone’s best interests, and these aggregated insights will help enhance national resilience. For this reason, my CISA appropriations request sent last week proposed an increase of 50 percent for the infrastructure analysis mission in the NRMC’s budget.”

Wales meanwhile said that “no,” he does not believe that Colonial would have contacted CISA if the FBI had not acted.

“I think that there is benefit when CISA is brought in quickly,” Wales stated.

The FBI earlier this week confirmed that a hacking group known as Darkside, which produces ransomware, was behind the Colonial breach. White House officials later said that Darkside is believed to operate inside Russia, although they stressed that the Russian government wasn’t behind the attack.

The shutdown of the pipeline, a 5,500-mile-long network that spans from the Gulf Coast to New York, triggered significant fuel shortages at certain gas stations in North Carolina, Maryland, Tennessee, Georgia, Virginia, Washington, and several other states.

One of the reasons for the shortage, according to GasBuddy’s Patrick De Haan, was due to panic buying. De Haan, on Twitter and in a Wednesday interview with The Epoch Times, explained that when motorists see long lines at the pump, they often will join them, thereby exacerbating the gas shortage.

De Haan on Friday morning said that demand for gasoline fell 7 percent on Thursday from the Thursday a week before, suggesting that “many filled their tanks and have enough fuel.”