ST. LOUIS, MO (KMOX) - A cyber security expert says operators of a northeast pipeline could have done more to deter hackers.
Colonial Pipeline -- the largest pipeline system for refined oil products in the US -- reportedly failed to update software making their entire system vulnerable, "in this case if you have critical information and you're running a pipeline, water, oil, or gas, or critical infrastructure, there is a responsibility that you must be held accountable to on implementing effective security," stresses Dr. Eric Cole, " ignoring cyber security in the year 2021 is not an acceptable answer."
Cole has three decades experience in the cyber security realm and is the author of multiple books, including the latest Cyber Crisis. Cole says Colonial should also have isolated its production network from the internet.
He points out Colonial is not unique, saying many other organizations responsible for critical systems are also behind on cyber security. Cole suggests it's time for companies that handle critical infrastructure to face government penalties for failing to implement basic cyber security precautions.
"We are the only country in the world that does not have national regulations," Cole says. If this happened in Europe, Australia, or even the Middle East, there would be significant fines and penalties against this company because they did not follow proper cybersecurity. In the United States they get a free pass."
@2021 Audacy (KMOX). All rights reserved.