
The Colonial Pipeline Cyberattack
...Things To Ponder



By Mr. Z.
5-12-21

As the Colonial Pipeline cyberattack continues to unfold, it is worth considering some noteworthy developments leading up to this point. In December 2020, Joe Biden publicly stated that the U.S. would launch offensive cyber operations against Russia during the forthcoming weeks and months after accusing Moscow of conducting the SolarWinds hack. This misguided public statement of intent raised eyebrows among many – as it could easily make U.S. critical infrastructure increasingly vulnerable to numerous known and unknown nation-state and non-state cyber operators. It is plausible that such cyber adversaries or opportunists would be inclined to conduct more extensive operations than they would have otherwise while safely assuming that Russia would receive automatic blame for any future cyber incidents directed against the U.S.

In April, after Biden's stumbling pronouncement of future U.S. cyber operations targeting Russia, his administration released its 100-Day Plan to enhance the cybersecurity of electric utilities' industrial control systems (ICS) and secure the energy sector supply chain. 

When considering the previous developments outlined above, it is estimated that the May 7, 2021 Colonial Pipeline cyberattack is a domestic proof-of-concept operation to demonstrate the following:

- How easily U.S. critical infrastructure can be penetrated and disrupted

- The severity of disruptions that a relatively low-end cyber-attack can have over wide geographical areas

- The potentially permanent damage that can be done to expensive, time-consuming equipment

- The wide-ranging financial costs of such an incident

- The seemingly unconnected interruptions that such an incident by a small group of obscure hacktivists or financially motivated cybercriminals can have across various areas of society

Such proof-of-concept operations have happened before. Biological experiments notwithstanding, one probable example is the April 16, 2013 Metcalf sniper attack near San Jose, CA – where an electrical substation came under assault in the dark of night by gunmen firing 7.62 rounds into preidentified transformers and severing fiber-optic telecommunications cables. This low-finance attack resulted in over $15 million in damages and subsequent power outages in various surrounding areas. The attack occurred when Congress was debating allocating additional funds towards upgrading the physical security of U.S. electrical grids. The debate stalled when it came to whether the U.S. Government or private utility companies would pay most of the recommended physical upgrade costs. In the months following the April 2013 attack, increased Federal and private industry funds were allocated towards the security upgrades – with the Metcalf sniper attack serving as the primary justification. At the time of this writing, no perpetrators have been arrested in connection with the incident. The Department of Homeland Security (DHS) has since stated that it was likely an insider attack.

Regarding the Colonial Pipeline cyberattack, it is interesting to note that, despite the U.S. strategic reserve being topped off in March 2020, after President Trump declared a national emergency due to SARS-CoV-2, Biden has yet to allocate resources from it to alleviate the impact of this incident. Although doing so at this time might be premature, not doing so has quickly resulted in long lines at the pump, demonstrating the impact the cyberattack is having on the economy. Such consequences had to have been known within minutes of learning of the cyberattack on the pipeline – the most extensive pipeline system for refined oil products in the U.S. Allowing the situation to unfold the way it has serves to demonstrate all points listed above. It also serves as justification for increased funding at a time of an infrastructure bill impasse, Biden's declared intent to launch cyber operations against another nation-state (armed with nuclear weapons) without provable evidence, and post-COVID department budget shortfalls and bureaucratic jostling for dwindling funds. All factors and potential motivations described herein should be considered throughout the course of this unfolding episode.