Biden declares state of emergency over pipelines - the move allows oil suppliers to transport their fuel via roadways while Colonial pipelines are down. I spoke w/ someone who works for oil company about what Colonial has told them and what they're doing zetter.substack.com/p/biden-declar…
Source tells me Colonial said pipelines would “not be fixed in 1-2 days, but won’t take 6 weeks.” He’s not sure why Colonial gave such wide timeframe but said it’s “very concerning for our interests.” They're scrambling to find more storage and may have to reduce refinery output
Source also tells me one reason Colonial might have taken operational network down - aside from being cautious - is because they may not be able to invoice customers who receive fuel if their IT network is locked with ransomware, preventing them from being paid for fuel.
Colonial’s op network controls flow of fuel from pipeline to distributors then passes info to ticketing system on IT network to automatically invoice distributors. If ticket system is locked and pipeline is still flowing Colonial can't monitor flow and send invoices to get paid.
If Colonial didn’t already have an alternate plan in place to collect flow data manually and invoice manually, it may have to keep the pipelines down until it can determine an efficient way to do this via the pipeline. Otherwise transporting via trucks/ships is the alternate.
This creates a new prob: the US currently has shortage of fuel tank drivers. 25% of fuel trucks currently sit unused due to shortage of drivers from layoff/retirements during pandemic; fuel drivers need special safety training preventing workforce from being replenished quickly
Note, that I've updated the story published on my Zero Day substack to correct an error reported by the @BBC. Biden did not announce a state of emergency; the gov passed an emergency waiver to the Jones Act, which would allow non-US maritime vessels to transport the oil.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Kim Zetter

Kim Zetter Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @KimZetter

8 May
Ransomware infection at Colonial Pipeline only infected its IT network; but according to source I spoke to it had potential to spread to operational network and even to upstream oil suppliers whose control systems connect directly to Colonial's systems zetter.substack.com/p/ransomware-i…
Colonial’s IT network and process control network are connected to share info about how much fuel each supplier receives and bill them. A “flow computer” on the process network sends info thru a data gateway and firewall to the corporate network, creating potential pathway
Once on control network, hacker could install malware or manipulate data. But Colonial’s control systems also connect to control systems at tank farms that feed fuel to Colonial pipeline. An attacker can potentially pass thru Colonial’s systems to control systems of these farms.
Read 9 tweets
7 May
The Trump Justice Department secretly obtained the phone records of WaPo reporters @nakashimae @gregpmiller and @adamentous and tried to obtain their email records over reporting they did in the early months of the Trump administration on Russia’s role in the 2016 election.
The records for their telephone numbers covered the period April 15, 2017 to July 31, 2017. This included work and home or cellphone numbers covering that three-and-a-half-month period. The Justice Department defended its decision...as an investigative step of last resort
During period for which phone records were obtained, the journos wrote story about classified US intel intercepts that indicated in 2016 Sen. Jeff Sessions had discussed Trump campaign w/ Sergey Kislyak, Russia ambassador to US. Sessions was attorney gen when article published
Read 5 tweets
2 May
Lisa Sales had just started work for Booz Allen Hamilton, a Pentagon contractor, when she was raped by her house tenant - a Russian grad student. She soon learned he was the son of a former career officer in Russia's FSB, who had spied for the US for 6 yrs news.yahoo.com/how-a-brutal-a…
As she dug into her assailant's history, she learned the father/son had likely been relocated to the US by the CIA; records showed the father had $16 million in assets, presumably payment from CIA. After raping Sales, the son was arrested again for threatening a couple with a gun
This story raises a lot of questions about the CIA's spy relocation program and what happens when former spies or their families commit crimes here. News about the crimes can draw unwanted attention to the spy, which puts CIA in difficult situation. Do they try to cover up crime?
Read 4 tweets
22 Apr
Researchers find 18 additional command servers used in SolarWinds campaign. Also find that two servers previously known, that were used to push 2nd-stage malware, were mysteriously active Feb 27, 2020, a month before SW customers got infected w/ backdoor zetter.substack.com/p/research-unc…
If servers were pushing out 2nd-stage malware to victims in Feb, this raises the possibility that 1) a previously unknown version of SW software was compromised and infected customers a month before SW says customers got infected...
2) the 2nd stage command servers were pushing out 2nd-stage malware to victims who were already infected w/ something other than the SolarWinds software that carried the backdoor or ...
Read 4 tweets
21 Apr
Must have been a turnip truck
signal.org/blog/cellebrit…
For background on Cellebrite, I took a deep dive into the company in 2016 in this piece theintercept.com/2016/10/31/fbi…
Signal really went to town with this video showing how they hacked Cellebrite's UFED device. Expect it to be replayed at hacker conferences the planet over; it's got a guaranteed spot in hacker lore signal.org/blog/videos/ce…
Read 4 tweets
17 Apr
Announcing: Mark Zuckerberg will join our new Sidechannel for a conversation with @CaseyNewton in the launch of our new Discord txt/audio chat forum. It's a measure of how respected Casey's Platormer publication is (platformer.news/publication) that Zuck wanted to join him for this. Image
I've heard Zuckerberg will be making news during discussion. Sidechannel, launched by Casey, I, and six other independent writers, is open to paid subscribers of my Zero Day publication (zetter.substack.com), Casey's Platformer or any of the other publications listed below
Other writers/pubs on SideChannel are:

Platformer @CaseyNewton
platformer.news

Galaxy Brain @cwarzel
warzel.substack.com/p/welcome-to-g…

Newcomer @EricNewcomer
newcomer.co

Hot Pod @nwquah
hotpodnews.com

Culture Study @annehelen
annehelen.substack.com
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

:(