Új hozzászólás Aktív témák
-
Ringman
nagyúr
[link]
In a statement published Saturday, it said the ransomware infected only its corporate IT network. Although the operational network that controls its pipelines and distributes fuel is separate from the corporate network and wasn’t infected, Colonial said it temporarily shut down the pipelines as a precaution to prevent the infection from spreading.
Colonial’s operational network uses automation systems to control and monitor the flow of fuel from refineries and tank farms into Colonial’s pipeline, and from Colonial’s pipeline into the tanks and transportation facilities belonging to suppliers and distributors.
Colonial’s corporate IT network and the process control network are connected and exchange information about how much fuel each supplier or distributor receives in order to bill them for it, says a source who works for a large midstream oil company that feeds fuel into Colonial’s pipeline.
A “flow computer” on the process control network records data about how much fuel is distributed and sends it through a data gateway and firewall to the corporate network. A ticketing system on the corporate network uses that information to then invoice the distributors.
While the connection between Colonial’s corporate business network and the process control network is “mostly in one direction” the source says, “there’s nothing that stops it from going bi-directional” — meaning that depending on how secure the firewall that divides them is, a hacker can pass from the corporate network through the firewall and into the process network to impact systems there. Colonial is believed to use Cisco ASA firewalls, which have had serious vulnerabilities in the past. Once on the process control network, a hacker can install malware or manipulate data.
[...]
Although infecting Colonial Pipeline’s process control network would be disruptive, it isn’t the only concern. Colonial’s control system also connects to the control systems at tank farms that feed fuel into Colonial’s pipeline, said the source who works for the midstream oil company. An attacker can potentially pass through Colonial’s control systems into the control systems of these farms.
csodás, ha jól értelmezem, a számlázási rendszerükön keresztül bármi elérhető.
Új hozzászólás Aktív témák
it A Colonial Pipeline ügyvezetője elárulta: egyetlen jelszó segítségével érték el a hackerek, hogy megbénuljon az USA legnagyobb üzemanyag-szállítójának rendszere.
- ASUS Radeon RX 480 OC 4GB GDDR5 256bit (DUAL-RX480-O4G) Videokártya,játszós gépből,tesztekkel!
- Samsung S22 Ultra 5G Független DS 12/256 GB
- Apple Watch Ultra 49MM Midnight Ocean 2025.02.09-ig GARANCIÁS,FULL DOBOZOS
- Intel Core i5-7600 processzor 6M gyorsítótár, akár 4,10 GHz
- Lenovo ThinkPad L14 Gen1 L14 Gen2 GYÁRI billentyűzet. ÚJ BONTATLAN!