Before you go off half-cocked at the conspiracy theory that the Biden Maladministration “ordered” the Colonial Pipeline shut down (and yes, I’ve read this elsewhere), I’d recommend the application of Occam’s Razor to the problem.
The fact is, far too many public infrastructure installations are vulnerable to exactly the sort of hack reported, because they are designed to be accessed from the public Internet by their operators. Why? Because it’s easy to do it that way, that’s why. And it means they can hire fewer operators because they don’t have to be on site.
You can firewall to a fare-thee-well, you can use all sorts of fancy gadgets and hardware dongles and suchlike to secure logins, but in the end, all of these systems are exactly as impenetrable as their weakest link. Which is usually a bug in security code that someone manages to find and exploit.
Don’t be surprised when this happens again, and again, and again — and it may not happen to a pipeline next time. It might happen to the regional power grid. Or your local water company.
And it’s all because they’re all too goddamn cheap to hire people to run things in person, the way things used to be done before the Internet.
NONE of these installations should be hooked up to the public Internet. Period. End of subject.