If you were impacted by storms on April 27 or May 6, CLICK HERE to find resources available for recovery.

Lankford Questions Colonial Pipeline CEO Following Ransomware Cyber Attack

CLICK HERE to watch Lankford’s Q&A on YouTube.

WASHINGTON, DC – Senator James Lankford (R-OK) today participated in a Senate Homeland Security and Governmental Affairs Committee hearing entitled, “Threats to Critical Infrastructure: Examining the Colonial Pipeline Cyber Attack.”

Lankford’s questions to Mr. Joseph Blount, Jr., the President and Chief Executive Officer of Colonial Pipeline, focused on the lessons learned by Colonial Pipeline after the cyber-attack in early May and how other companies can apply their experience to be prepared for and prevent cyber-attacks. Lankford noted that in one of his first actions as President, the Biden Administration has halted the Keystone Pipeline and that Canadian and American producers now have to try to find trains or trucks to meet our energy needs. President Biden also signaled he would not move forward with sanctions on those involved in the construction of the Nord Stream 2 pipeline, which would transport natural gas from Russia to Germany and threaten the energy security of the US and our European allies.

Last month, Lankford participated in a Homeland Security and Governmental Affairs Committee hearing in which he asked about cyber security readiness in the wake of ongoing threats from ransomware and other cyber-attacks, including the attack on the Colonial pipeline. The hearing focused on the late-2020 Russian attack on the SolarWinds Orion cyber supply chain that, over time, was determined to have impacted numerous federal agency networks.


On the nature of the attack on the Colonial Pipeline

Lankford: I want to ask a couple of things here. You had to do a physical inspection and a cyber-inspection of this pipeline or just going through the digital portion of it. Did y’all have a physical inspection as well?

Blount: In the early hours of May 7th, we did not know exactly what we had. We had the ransomware, but again, we’re always concerned about the security of the pipeline. And you may have read in the press—and it’s a factual statement—we drove over 29,000 miles of the pipeline, and again remember it’s only a 5,500 mile pipeline. So we had constant ground surveillance…Again, we didn’t know that it was just a cyber-attack. We had to make sure that it wasn’t potentially an attack on our physical structure as well.

On the importance of pipelines and the need to be prepared for an attack

Lankford: So I said to several people that I’ve talked to in the last month, when we saw suddenly gas lines appearing and a pipeline go down at this point, that everyone learned the importance of pipelines. If I rewind two months before that, all the conversation was about slowing down the permitting new pipelines, maybe we’re not going to do pipelines at all, make it harder to be able to do maintenance on federal lands on pipelines. Two months ago, the conversation was, well maybe we need fewer pipelines, and maybe we need to make this harder to be able to develop new pipelines. Obviously Keystone Pipeline was in the news to say, ‘We’re just not going to do that at all.’ And so products coming out of Canada, and out of Montana are just going to find trucks and trains to be able to get there. I’m not going to ask you this same question because that’s not going to be fair to you, but I’ve told a lot of folks, what we watched happen with the sudden shutdown of a pipeline is the ghost of Christmas future for the entire country if we don’t continue to maintain our pipelines, increase capacity of pipelines, if we don’t continue to expand and have a duplication of pipelines in spots to be able to make sure we have redundancy for this. Pipelines are essential to America, and the two and a half million miles of pipelines we have scattered around the country, we lose track of how incredibly important they are.

So I’m grateful that your company’s had such a good reputation. This is terrible to be a victim of a ransomware attack. And there’s something that you have that every CEO in America would like to hear, and that is, what are the lessons learned on cyber issues that you’ve already identified. Obviously, your team’s taken on, the number one’s already come out: looking for legacy entries into your system that don’t have two-factor authentication on it. What else has been identified that you need to be able to take on and to pass on to others?

Blount: Again, I think the most important thing is to not be complacent about what you have because of the pace of change on the outside from the criminal side, and then secondary to that, and equally as important is the ability to have an emergency response process in place. If we had not been trained for the last 57 years to respond to any threat, whatever that threat is. It’s an extension cord on the ground that hasn’t been taped down that someone might trip over and hurt themselves. If we hadn’t been trained like that and our employees hadn’t been trained by that, who knows how many days it would have taken to bring the asset back online? We know the importance of the asset. We’re dedicated to the American public as a result of all the training we’ve done through the years to make sure that we have the fuel that we need.