Consortium of Cybersecurity Clinics
  • About
    • Consortium History
    • Our Funders
    • Meet the Team
  • Members
  • Resources
  • Newsroom
    • In the News
    • Blog
  • Contact
    • Contact Us
    • Consortium FAQs
  • Support
  • About
    • Consortium History
    • Our Funders
    • Meet the Team
  • Members
  • Resources
  • Newsroom
    • In the News
    • Blog
  • Contact
    • Contact Us
    • Consortium FAQs
  • Support

Case Study: The Colonial Pipeline Attack

Resource Type: Case Study

Case Study: The Colonial Pipeline Attack

In May 2021, one of the largest refined fuel pipelines in the United States, the Colonial Pipeline, experienced a cyberattack that shut down fuel delivery from the Gulf coast to the East coast. The U.S. government including CISA at the Department of Homeland Security and the FBI strongly recommended against paying the ransom demanded by the hackers. Concerned about operational safety and getting the pipeline back up and running the company decided to pay the ransom. The group responsible is known as the Darkside group.

Case Study: Washington, D.C. Cyberattack

In April 2021, hackers broke into the Washington, D.C. Metropolitan Police Department (MPD) computers, locked up the files and demanded $4 million in ransom. The group responsible is known as Babuk. They started leaking data just before the MPD confirmed it had suffered an attack. The leaks included financial and marriage histories of officers, social security numbers and other confidential information. Babuk claims they were offered $100,000, but the police department has not confirmed whether it agreed to pay any ransom.

Case Study: The Oldsmar Attack

On February 5, 2021, a water treatment plant employee in Oldsmar, Florida noticed his mouse cursor moving strangely on his computer screen. At first, he thought it was nothing because they use remote-access software. Later, the mouse moved again to adjust the allowable level of sodium hydroxide (a disinfectant used to clean the water). Although the intrusion only lasted between three and five minutes, it took five and a half hours for the staff to notice the change to dangerous allowable levels. The plant has since disabled its remote-access system. This breach highlights the serious impacts hackers can have on utilities and critical infrastructure, potentially harming thousands of people.

Recent Posts

  • Arizona High Schools to Launch Cybersecurity Clinics
  • The Feds Need to Step Up on Cybersecurity
  • West Virginia State University Celebrates Opening of Cybersecurity Clinic
  • Cybersecurity and Global Policy, a valuable pathway for IU students
  • NIST Webinar: “University-Based Cybersecurity Clinics: Educating the Next Generation of Cybersecurity Leaders While Safeguarding Small Businesses”

Recent Comments

No comments to show.

Archives

  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • November 2023
  • October 2023
  • July 2023
  • June 2023
  • May 2023
  • March 2023
  • October 2022
  • September 2022
  • August 2022
  • May 2022
  • March 2022
  • February 2022
  • January 2022
  • November 2021
  • August 2020
  • July 2019

Categories

  • Consortium Blog
  • Featured
  • In The News
  • Uncategorized

Donate to the Consortium

Help build and expand university-based cybersecurity clinics.
Make a Gift Today

Subscribe to the Consortium

    Consortium of Cybersecurity Clinics
    • About
    • Resources
    • Newsroom
    • Contact
    • Support

    © 2025 The Consortium of Cybersecurity Clinics. All Rights Reserved. Privacy Policy Accessibility Nondiscrimination