A piece in the Canadaian press on how the Colonial network was breached, and the ease of creating havoc once it was.
Citing a South Carolina-based company that specializes in industrial cybersecurity.
- pipeline companies typically use a system known as a supervisory control and data acquisition (SCADA) network
- a central computer system operates everything
- a common gap in the industry is the lack of segmentation of control between the central computer and the other device in the SCADA network
- “These are very large networks covering extensive distances but they are typically ‘flat’, from a network segmentation standpoint,” Cusimano said in an email. “This means that once someone gains access to the SCADA network they have access to every device on the network.”