2021 · outage · Corporation

Colonial Pipeline — When Billing Shut Down the Fuel

Colonial Pipeline, supplying 45% of the US East Coast's fuel, shut down for 6 days after ransomware encrypted its billing systems. The pipeline itself was never attacked — the company couldn't bill for fuel it delivered.

Root Cause

Attackers used a compromised VPN account credential that lacked multi-factor authentication. DarkSide ransomware encrypted billing and business systems. Colonial shut the pipeline because they couldn't meter and bill for fuel — not because the pipeline control systems were compromised.

Aftermath

Colonial paid $4.4 million in Bitcoin ransom (DOJ later recovered $2.3 million). Fuel shortages and panic buying spread across the southeastern United States. The incident led to TSA security directives for pipeline operators and accelerated federal critical infrastructure cybersecurity mandates.

The Incident

On May 7, 2021, Colonial Pipeline Company — operator of the largest refined products pipeline in the United States, carrying 2.5 million barrels per day and supplying approximately 45% of all fuel consumed on the East Coast — shut down its entire pipeline system following a ransomware attack.

The shutdown lasted six days. Fuel shortages spread across the southeastern United States. Gas stations ran dry. Panic buying emptied pumps in states from Georgia to Virginia. The national average gas price rose to its highest level since 2014.

The Root Cause

The initial access was a single compromised VPN credential. The account did not have multi-factor authentication enabled. Using this one credential, the DarkSide ransomware group gained access to Colonial's business network and deployed ransomware that encrypted billing and accounting systems.

The pipeline's operational technology (OT) systems — the actual control systems that manage fuel flow — were not directly compromised. Colonial shut the pipeline down because they could not meter, track, or bill for fuel deliveries. The business decision was: if we can't bill for it, we can't deliver it.
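A VPN login accepted on a password alone, as in the root cause above, is visible in a gateway's own logs. The following is an added example, not part of the original page: it correlates authentication and tunnel events per session and reports tunnels that came up without a verified second factor. The key=value log format, field names, and sample lines are constructed assumptions.

```python
import re

# Constructed sample lines in a hypothetical key=value VPN gateway log format.
SAMPLE_LOG = """\
2024-01-15T08:00:01Z vpn-gw event=auth user=alice session=a1 factor=password result=success src=203.0.113.10
2024-01-15T08:00:09Z vpn-gw event=auth user=alice session=a1 factor=totp result=success src=203.0.113.10
2024-01-15T08:00:10Z vpn-gw event=tunnel user=alice session=a1 state=up
2024-01-15T09:12:44Z vpn-gw event=auth user=svc-legacy session=b7 factor=password result=success src=198.51.100.23
2024-01-15T09:12:45Z vpn-gw event=tunnel user=svc-legacy session=b7 state=up
2024-01-15T10:30:00Z vpn-gw event=auth user=bob session=c3 factor=password result=success src=203.0.113.77
2024-01-15T10:30:20Z vpn-gw event=auth user=bob session=c3 factor=push result=failure src=203.0.113.77
2024-01-15T10:31:02Z vpn-gw event=auth user=carol session=d9 factor=password result=success src=192.0.2.4
2024-01-15T10:31:03Z vpn-gw event=tunnel user=carol session=d9 state=up
2024-01-15T10:31:30Z vpn-gw event=auth user=carol session=d9 factor=totp result=success src=192.0.2.4
"""

KV = re.compile(r"(\w+)=(\S+)")

def parse(line):
    """Return (timestamp, fields) for one log line, or None if malformed."""
    parts = line.split(None, 2)
    if len(parts) < 3:
        return None
    return parts[0], dict(KV.findall(parts[2]))

def single_factor_sessions(log_text):
    """Return [(timestamp, user, session, src)] for tunnels that came up
    without a successful non-password factor earlier in the same session."""
    second_factor_ok = set()   # sessions with a verified second factor so far
    src_by_session = {}        # last source address seen per session
    findings = []
    for line in log_text.splitlines():
        parsed = parse(line)
        if parsed is None:
            continue
        ts, f = parsed
        sid = f.get("session")
        if f.get("event") == "auth":
            src_by_session[sid] = f.get("src", "?")
            if f.get("factor") != "password" and f.get("result") == "success":
                second_factor_ok.add(sid)
        elif f.get("event") == "tunnel" and f.get("state") == "up":
            if sid not in second_factor_ok:  # event order matters: MFA after tunnel-up is too late
                findings.append((ts, f.get("user"), sid, src_by_session.get(sid, "?")))
    return findings

if __name__ == "__main__":
    for row in single_factor_sessions(SAMPLE_LOG):
        print("single-factor VPN session:", *row)
```

Because the check follows event order, a session whose second factor is logged only after the tunnel is already up is still reported, and a failed second factor with no tunnel is not.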

The Pattern

A VPN without MFA. A single credential. Ransomware on the billing system. And a business decision that a billing outage requires a pipeline shutdown. The most critical fuel infrastructure on the East Coast was shut down not by an attack on the pipeline, but by an attack on the invoicing system.

Why It Matters

Colonial Pipeline demonstrates that business logic can be the real vulnerability. The pipeline worked. The fuel was ready. The control systems were intact. But the billing system was encrypted, and the company's operating procedures required billing functionality to deliver fuel. The attacker didn't need to hack the pipeline. They just needed to hack the spreadsheet.

Techniques
compromised vpn · no mfa · ransomware