I suppose the operation of a pipeline requires coordinated control of pumps and valves along its 5000 mile length. This could certainly be done securely.
- Employees at stations along the pipeline could operate the equipment. Instructions could come from telephone calls, couriers, or text messages. This would be crude and expensive but secure.
- A private communication network with telephone wires or radio communication links is possible. This would also be secure, but expensive.
Evidently the designers decided to use cheap computers and internet communications. This left the pipeline vulnerable to hackers. It was a cheap solution, but not secure. The design evidently had no provisions for backup, so when the computer system was attacked, the flow of fuel ceased.
The company decided to pay ransom. I believe this should be illegal. If companies were forbidden to pay, the ransomware criminals would be out of business. Paying guarantees future attacks.
Paying a ransom is “positive reinforcement”. Like training a dog. He sits, he gets a treat. That is why you never pay hostage takers. It only serves as a reward and encourages future behavior.
LikeLike