BOSTON – An outside audit three years ago of the pipeline company hit by a cyberattack threatening fuel supplies in the eastern United States found “atrocious” information management practices and “a patchwork of poorly connected and secured systems,” its author told The Associated Press. “We found glaring deficiencies and big problems,” said Robert F.
Smallwood, whose consulting firm delivered an 89-page report in January 2018 after a six-month audit. “I mean an eighth-grader could have hacked into that system.” How far the company, Colonial Pipeline, went to address the vulnerabilities isn't clear.
Colonial said Wednesday that since 2017, it has hired four independent firms for cybersecurity risk assessments and increased its overall IT