Colonial Pipeline Posted Security Job Before Ransomware Attack

Colonial Pipeline had been advertising for a security manager just weeks before it suffered the ransomware attack last week.

The impact of the ransomware attack is still being felt in parts of the United States, with fuel supplies running out at petrol stations, and passenger jets having to make extra stops on their flights to refuel.

The US government has also had to enact emergency powers to deal with the disruption.

The attack was carried out by the criminal group called DarkSide, which is based in Russia. Earlier this week British Foreign Secretary Dominic Raab warned Russia that it cannot continue to shelter criminal gangs carrying out ransomware attacks on Western nations.

Job position

The Colonial Pipeline runs between Texas and New Jersey and is 5,500 mile long.

It carries 2.5 million barrels a day, which translates to 45 percent of the fuel supply for the US East Coast. It includes diesel, petrol and jet fuel.

That attack has resulted in disruption in fuel supplies on the US east coast, and US President Joe Biden said he was being briefed about the cyber-attack.

It should be remembered that the US in 2011 said that it reserves the right to retaliate with military force against a cyber attack from a hostile state.

Now it has emerged that weeks before the attack, Georgia-based Colonial Pipeline had a posting on the its careers web site for the cyber security manager job.

The position has been open for more than 30 days.

Needed talent

“The cybersecurity position was not created as a result of the recent ransomware attack,” CNN quoted Colonial as saying in a statement on Wednesday.

The company added that it has “several positions open as part of our longer-term growth strategy around talent, as we are constantly recruiting top-tier talent across all functional areas of our business. The position to support cyber security would be an example of that. This is a role that we have been looking to add in an effort to continue building our current cyber security team.”

The company is looking for “someone who has an understanding of emerging security threats in order to design security policies and procedures to mitigate threats where possible,” the posting said.

DarkSide for its part was quick to state it was not carrying out the attack for political purposes, but rather were just seeking to make money.

DarkSide reportedly only targets English-speaking countries and has claimed it has also attacked another three companies since the Colonial Pipeline hack.