Could one stolen password cause a fuel shortage?
Yes, yes it could. Just ask Colonial Pipeline.
We’re referring, of course, to the April 2021 cyberattack that shut down Colonial’s infrastructure, triggering a fuel shortage on the east coast. While testifying before the U.S. Senate, President and CEO Joseph Blount confirmed the hackers gained access with one stolen password via a legacy VPN. That’s all it took.
Preparing for Battle
If a cyberattack can shutter a fuel pipeline, the sky is (unfortunately) the limit for the rest of us. For a trucking company, it could mean the loss of communication systems, load planning capabilities, equipment tracking – i.e., the entire operation.
That’s why Nussbaum is preparing now.
Our people are the primary line of defense. We train employee-owners in good security hygiene and how to discern potential threats. This includes:
- Monthly training on security principles (password management, reporting procedures, suspicious links, etc.).
- Test phishing emails, teaching us to recognize common phishing techniques and avoid taking the bate.
- Individual security scorecards to track and incentivize habits.
- An online resource hub with product recommendations and tools.
Responding to Crisis
That’s great, but what if the bad guys still get in?
We’ll be waiting and ready to respond.
Nussbaum’s IT department has led two “Resilience Day” events where we essentially stage a cyberattack. In the simulation, everything goes down – no phones, no emails, no computers – nothing. The scenario team acts as drivers, customers, and motorists calling for information. The IT response team races to “wipe” the servers and restore clean, functioning equipment. Then, we practice dispatching drivers, servicing customers, and keeping up with equipment repairs using only email and personal cell phones.
Our goal? Deliver customer loads on time and maintain lines of communication, all while recovering our systems and servers. We hope to prevent downstream effects, like the fuel shortage caused by Colonial Pipeline’s breach. Security isn’t just about Nussbaum’s operation – it affects organizations connected to Nussbaum. And that’s something we take very seriously.
To learn more, visit nussbaum.com/security. We’ve assembled product recommendations, quick stats, and resources for securing your devices. Security begins with you!