Plenty of Lessons from Colonial Pipeline attack
It’s been a week since the Darkside gang launched its Ransomware attack on the Colonial Pipeline, temporarily throwing the American fuel supply system into chaos. But even now, with the pipeline back sending fuel to customers in need across the southeast and mid-Atlantic states, there is reason to worry about what happens next.
So what did we learn from Colonial Pipeline? First and foremost, that Americans are still prone to panic buying and reacting emotionally in times of crisis. The short tempers and long gas lines across the Southeastern U.S. last week were reminiscent (for older folks) of the Arab oil embargo days of the early 1970s. If the next Ransomware attack strikes the electricity grid or water supply, we may see more than an inconvenient disruption of our way of life.
Then there is the decision by Colonial Pipeline to meet Darkside’s demands and pay an estimated $5 million ransom. Analysts twisted themselves in knots not to criticize the decision, given the stakes involved, but as Wired magazine put it best, “Ransomware remains an inveterate threat. And Colonial Pipeline’s $5 million payment will only egg on cybercriminals.”
Many experts believe Colonial may have been spurred to pay by news that the hackers had gained access to the company’s business network, giving them access to the firm’s billing system. Other reports said the cyber criminals threatened to release information on Colonial’s customers if the Ransom were not paid.
Regardless, by Thursday news came out that the pipeline was back on line, and that ransom had been paid. And while this may set a dangerous precedent, it’s easy to criticize another company’s decision when you’re not the one whose operations have been crippled.
The pipeline attack did raise the profile of cybercrime, and Ransomware in particular, for Americans. And if that is followed by heightened prevention and readiness among companies large and small, there may be some benefit to this disaster.
Indeed,the news isn’t all bad. The federal government moved quickly to go after Darkside, and by the end of the week it was reported that the criminals had shut down operations, if only for now. The U.S. also issued a cybersecurity Executive Order on Wednesday and announced the creation of a Cyber Safety Review Board within the Department of Homeland Security to investigate and respond to what it terms “significant” cyber attacks. While cynics might call this a late response whose long-term efficacy remains questionable, it does signal a new era in taking cyber crime more seriously.
We at Net Compliance Solutions have been taking cybersecurity seriously for years. If you have questions about Ransomware or any other topic feel free to contact us at info@trustncs.com, or give us a call at 855-879-2373.