How has the Colonial Pipeline Cyber-Attack Impacted the Logistics Industry?

On May 7th, 2021, the cyber hacking group DarkSide hacked the Colonial Pipeline with ransomware, a type of malware that can encrypt, delete and distribute data to the highest bidder. The 5,000-mile pipeline extends from Texas to New Jersey, allocating 45% of the fuel used on the East Coast. In an attempt to prevent hackers from exposing vulnerabilities and damages, the head of Colonial Pipeline shut down its operations for a week.

Millions of people rushed to gas stations to hoard gasoline, driving up the cost of oil barrels to $3 a gallon for the first time in years and creating a gasoline shortage. The logistics industry entered into panic mode, as operations had to delay their deliveries and shipments due to shortages. The Biden administration initiated a multi-agency response to mitigate the attack’s effect on infrastructure.

After several days of investigation, the CEO of Colonial Pipeline agreed to the terms of the hacker group and paid $4.4M in bitcoin to DarkSide to restore their data.

The Colonial Pipeline hacking shook the nation and held a spotlight on cyber-security weaknesses that, when exploited, can cause severe disruptions. While the issue was resolved, we need to address several takeaways about how this event has affected the logistics community to prepare accordingly.

Cybersecurity is critical

Hacking has become a common occurrence in the last decade, and many large-scale operations are not adequately prepared for a cyber attack. In 2014, Yahoo! was the victim of a cyberattack that exposed the personal information of nearly 3 billion users.

This attack shows the extent of damage that can happen with security breaches. In the logistics world, a cyber attack can mean customer information being leaked, hackers gaining access to company financials, and even losing millions of dollars in lost business.

Many logistics operations are investing in end-to-end visibility and upgrading to cloud-based technologies. However, adopting new technology comes with the risk of security breaches. Companies need to ensure that security is discussed at every level in the onboarding process. Upper management must prioritize building cybersecurity teams and investing in robust cybersecurity defense.

Cyber-attacks affect reputation

In August 2020, TFI International was attacked by hackers who installed ransomware into their systems.  The effects trickled onto TFI’s subsidiaries, who were forced to manually sort their cargo instead of relying on an exposed network. The results of the attack cost TFI International $6 million in revenue losses. TFI also refused to pay the ransom and their information was subsequently leaked on the dark web, losing public trust and reputation.

A cyberattack affects a business internally as well as externally, as the company’s response and discretion become scrutinized by the public if handled inadequately. The public may lose trust in a business if they see a delay in addressing the issue, or even try to cover up the incident and hide the truth from shareholders.

The reputation of a company is difficult to earn, and even harder to rebuild once it’s been broken. Upper management should keep in mind how important the immediate aftermath of a cyber attack has on the entire company and have a resolution and trust-restoration strategy in place. Reassuring the public that everything is being done to protect their information is essential to maintaining reputation intact after a security breach.

The incident exposed our dependence on fossil fuels

When Colonial shut down its pipeline, it caused an uproar amongst trucking companies and the transportation industry as a whole due to its dependence on gasoline and diesel fuel. Many long-haul deliveries out of Savannah and Norfolk had to halt their operations for fear of being stranded with no gas. Trucking operations reluctant to buy electric trucks were forced to delay their shipments.

As we move towards sustainability and more eco-friendly energy sources, there is still much work to be done about transitioning away from fossil fuel consumption. Sustainability has become a public expectation over businesses to play a part in reducing the carbon footprint. Companies that continue to rely solely on fossil fuel consumption will find it less acceptable from consumers in the years to come.

While technology is still new, companies can invest in upgrading their fleet of trucks and vehicles to reflect an ethos that promotes better sustainability. It is unlikely that as an industry we will ever truly do away with fossil fuels completely... but that doesn't mean that we shouldn't try to reduce their use where applicable. 

Final Thoughts

The Colonial Pipeline attack showed the world how important cybersecurity is for businesses and consumers. Without a strong security system, companies expose themselves to data breaches and information leaks, costing substantial losses in revenue and public confidence. The attack also exposed our reliance on gas as a primary fuel source, and how important it is to curb our dependence on fossil fuels.

Disruptions are meant to show vulnerabilities so we can patch them up and become stronger. We can learn from this exception and equip ourselves with the foresight to prevent more disruptions in the future and come up with effective alternative solutions.