Hassan: Small NH Schools Better Prepared for Hack Than Colonial
U.S. Sen. Maggie Hassan, D-NH, took Colonial Pipeline's CEO to task on Tuesday for paying a ransomware demand and not being prepared for a hack on its system that shut down distribution to the southeastern United States.
Hassan later said that some small New Hampshire school districts are better prepared for a cyber attack.
During a hearing of the Senate Homeland Security and Governmental Affairs Committee, Hassan asked CEO Joseph Blount, Jr. why the company paid over $4 million in ransom, given the FBI's advice not to encourage other potential hackers.
Blount explained that the company did not know how much control of its pipelines had been lost in the hack.
"When you have a critical asset like this you've got to focus on the best opportunity of options you have in front of you to take avail of. In that case, it was to get the encryption tool and to get our information back," Blount said.
Hassan asked if the company had a plan in place for a cyber attack and if it included paying ransom.
"We have an emergency response process. See the threat, contain the threat, remediate the threat, and restore. In this case, you use the same process, but you use a different set of experts," Blount said.
Colonial's actions included contacting the FBI and seeking legal advice, but the company did not have a plan regarding ransom.
Hassan asked if the company also took into account the potential impact such an attack would have on the U.S. economy and consumers.
"We know our number one goal in Colonial is to safely and securely operate that pipeline because we're known for 57 years the importance of that pipeline to the well-being of the American citizen," Blount said. "Our investment whether it's in pipeline integrity or whether it's in cyberware and IT is all driven around keeping safe and protecting the asset because of what its main benefit is to the United States."
Hassan said that while she appreciated their understanding, companies need to start better anticipating problems rather than looking back at how they were handled in the past.
"We need to start imagining what can happen and respond accordingly as opposed to always be looking at what the last problem was and really investing. For critical infrastructure I think it’s absolutely important that we have standards that really make sure that companies are investing in the kind of infrastructure they need," Hassan said.
After the hearing, Hassan expressed her anger at the lack of preparedness for a cyber attack.
"It is a stunning admission that Colonial Pipeline did not have a plan in place if hackers requested a ransom payment. I’ve talked with small school districts in my state of New Hampshire that are better prepared for cyberattacks than Colonial Pipeline was," Hassan said.
Hassan, who has been laser-focused on cybersecurity, continued.
"Colonial Pipeline operates critical infrastructure that families and our economy rely on. It is unacceptable that it was so unprepared for a cyberattack, and it is a wake-up call that more must be done to secure our critical infrastructure," Hassan said.
The FBI was able to recover the ransom from the group DarkSide.
Hassan said, "We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide."