A Chattanooga cybersecurity expert says a cyberattack that has shut down a major U.S. gas pipeline that runs across Lookout Mountain could have been avoided.
Colonial Pipeline said hackers used ransomware to shut down the company's internal business networks.
Colonial shut down its 5,500-mile pipeline on Friday and said it has no estimate on when the flow will resume.
In the meantime, gas prices are rising.
Authorities believe a Russian criminal group is responsible for the attack.
John Anthony Smith, whose Conversant Group is located on the Southside, said, "Unfortunately, it seems that, at minimum, Colonial Pipeline was not confident that its industrial control systems for managing and supporting its pipeline were isolated from the portions of its network affected by ransomware.
"Based on the public statements, the pipeline was shut down out of caution. However, if Colonial had been orchestrating its security program in a manner consistent with industry norms and expectation this contingency and very sensitive network’s system of mitigating security controls would have already been vetted."
Mr. Smith said, "Sensitive infrastructure should never be directly exposed to the Internet and internal networks. This infrastructure should permit access only via a system of mitigating security controls.
"This situation should serve as yet another warning to all of us responsible for supporting, managing, and securing critical infrastructure. The enemy is persistent and must find only one open door. We must be diligent."