Earlier this week, authorities from Iran reported a cyberattack on their gasoline infrastructure.
This attack left citizens all over the country (who use government-issued electronic cards to purchase fuel at discounted prices) unable to pump or buy fuel. Citizens who attempted to acquire fuel received a message stating, “cyberattack 64411.”
According to Silicon Angle and The Times of Israel, “The form of the cyberattack is unknown at this time and no group has claimed responsibility.”
“It is always interesting to read when a country that is known as a nation-state threat actor is now the victim of cyberattacks. The irony!” says Nasser Fattah, Senior Advisor, Shared Assessments.
Fattah continues, “From a supply chain perspective, it shows that attacking common consumer goods, like gas, can quickly have an immediate impact on the economy. Think of delivery trucks, due to shortage of gas, now cannot deliver goods to the market. Such cyberattacks can also have a ripple effect in society that can lead to riots and mayhem.”
With the recent SolarWinds, Kaseya, and Colonial Pipeline breaches (which impacted critical infrastructure on various levels) Iran’s gasoline attack stirs suspicions that an attack on U.S. gasoline supplies could become an issue.
Ron Bradley, Vice President, Shared Assessments shares his thoughts on this matter. “While we’ve seen examples of weather events and ransomware attacks affecting the oil and gas industry, I believe there is enough redundancy in the US to avoid the type of damage potentially related to the Iranian issue. There are multiple, disparate systems, designed to produce, transport, and distribute gasoline to consumers. While a disruption may be inconvenient and costly in certain circumstances, I don’t believe it would lead to a catastrophic event.”
In step with Bradley’s comments, Tom Garrubba, Vice President, Shared Assessments adds, “We’ve seen what happens to shutting down supply chains, but such critical data can be altered that can certainly part of the disruption including measurements, logistics, tracking, quality of gasoline, the quantity of fuel, or any other vital components that can tie into critical infrastructure.”
Furthermore, other infrastructures within the U.S. could still be targeted. Bradley points out that, “Manufacturing is the hub in critical infrastructure. What’s becoming more apparent every single day is the inter-dependency of international supply chain failures which is causing a domino effect. I would not think of this as a single target rather than a potential collapse of the global supply chain system. There are many factors which contribute to this concern, including cyberattacks.”
Bradley adds “Obviously, the global pandemic and its expanded affects have also continued to create havoc across multiple industries and throughout the fabric of our everyday lives… Being resilient to a typical cyberattack in normal circumstances could be catastrophic towards a system which is already suffering.”
Additional information on cybersecurity:
While our infrastructure might be safe for the time being, cyberattacks can be catastrophic for any organization.
The resources below can direct your approach to mitigating cybersecurity risk in your organization:
- Blogpost: 4 Ways C-Suite Can Prevent Ransomware
- Blogpost: Cybersecurity Awareness: Fight Against Phishing
- Blogpost: 6 Reasons to Make TPRM Part of Cybersecurity Awareness Month
- Blogpost: Cybersecurity Awareness: The Suspense Is Killing Us!
- Blogpost: How To Be Cyber Smart – 5 Must Knows