Weekly Geopolitical Report – The Geopolitics of the Colonial Pipeline Ransomware Attack: Part I (June 14, 2021)

by Bill O’Grady

On Thursday, May 6, 2021, hackers attacked the Colonial Pipeline, capturing data by infiltrating the company’s business software.  In response, the company closed its 5,500-mile pipeline to assess the damage and protect critical infrastructure.  Eventually, the company paid the ransom and service was restored.

Although a criminal event usually doesn’t have geopolitical ramifications, this one did, in our opinion.  The attack brought down a pipeline that connects refineries in Texas and Louisiana that provide petroleum products as far north as New Jersey.  The situation highlighted the vulnerabilities of critical infrastructure, the nature of criminal ransomware enterprises, the role of cryptocurrencies in criminal transactions, and the problems of scale in criminal activity.

In Part I of this report, we will begin with an overview of the attack followed by reflections on organized crime.  We will also deal with the attractiveness and growth of ransomware.  Comments about the firm involved in the attack, DarkSide, will follow.  Part II will discuss why this cyberattack was a serious mistake.  The subsequent discussion will focus on the parties that were adversely affected by this event, and we will close with market ramifications.
