A May 7 cyberattack that shut down Colonial Pipeline, the nation’s largest gasoline pipeline, serves as a stark reminder of how vulnerable many companies and other entities are as infrastructure increasingly relies on the Internet, and two Anderson University professors say more needs to be done to protect against future attacks.
The ransomware attack on Colonial Pipeline caused widespread disruption to fuel delivery in the Eastern United States. Anxious motorists made matters worse, leading to long lines at the pump and many stations running out of gas. In many towns, no gas was available at all. Colonial announced May 12 that the pipeline restarted, but the attack’s impact could be felt for several more days.
Dr. Kimberly Whitehead, associate professor of quantitative management at the Anderson University College of Business, says it’s imperative that companies strategize their logistics and procurement functions, raising their supply chain strategy to “the highest urgency.”
“It is very important for organizations to take precautions to protect their supply chain whether that is incoming from their suppliers or the last mile supply chain to consumers,” Dr. Whitehead said, adding that it’s vital for companies to have supply chain experts on their staff to help with planning for potential disruptions.
“This incident could have been much worse,” said Dr. Kenneth Knapp, director of the Anderson University Center for Cybersecurity. “Instead of hitting one large company, what if a nation-state targeted several companies throughout our country that impacted several pipelines all at once? Given the nature of cyberattacks, a simultaneous attack is very doable. What if instead of being motivated by money, the attackers wanted to cause widespread panic and cripple the U.S. economically, or worse?”
Attacks of this kind, according to Knapp, can potentially wreak havoc in other industries, including power, chemicals, manufacturing, water, food distribution, health care, finance and communications.
“Today, many companies supporting critical infrastructures are connecting computers directly to the Internet—and these systems need significant protection because they are being targeted for infiltration, data theft and ransomware exploitation,” Knapp said. “Large cyber incidents like the Colonial Pipeline highlight the cybersecurity field and the growing need for cyber professionals. This attack has received significant attention and should result in companies taking the cyber threat more seriously.”
According to Whitehead and Knapp, attractive career opportunities exist in both supply chain management and cybersecurity and Anderson University is preparing students to fill those crucially needed jobs.