On Friday, May 7, 2021, the Colonial Pipeline, a major fuel pipeline that supplies 45% of the jet fuel, gasoline, and heating oil the East Coast consumes, was hacked. Let’s talk about what happened and what the hack means for the future of cybersecurity in infrastructure.
The Hack
Colonial Pipeline was the victim of a ransomware attack that locked up its computers on the business side. In a statement, Colonial said they took certain systems offline and temporarily halted pipeline operations.
In another statement on May 11, the pipeline said it “continues to make forward progress in our around-the-clock efforts to return our system to service,” underscoring just how serious this threat was.
While the business side of things was affected, the industrial side – much more difficult to hack, typically – was electively taken offline to protect those assets.
The FBI confirmed Monday that a criminal group originating from Russia, named “DarkSide,” is responsible for the Colonial pipeline cyberattack. Though initial reports said Colonial had no intention of paying the hackers, it was later released that the pipeline did end up paying $5 million in ransom.
Ransomware: A Growing Problem
In their Mid-Year Threat Landscape Report 2020, Bitdefender discussed the cybersecurity threat landscape and the impact COVID and the surrounding events had on malware, including ransomware. From 2019 to 2020, the total number of global ransomware reports increased by 715%.
As more and more businesses and individuals host their daily operations online, ransomware threats have become more and more prevalent in the last year or so.
The Impact of the Colonial Pipeline Hack
Let’s also talk about some of the key takeaways from the Colonial Pipeline hack.
The first takeaway is that cyberattacks on the United States are becoming more sophisticated, frequent, and aggressive. These essential systems are constantly being targeted, and many of them are sorely in need of better technology-based solutions and more manpower.
Another interesting aspect of this incident is the information-sharing difficulties the government has run into. While they continue to request more details about the ransomware attack, Colonial – though it supplies and controls the gasoline supply to most of the eastern US – is still a private company, though they are cooperating with government officials to ensure nothing like this happens again.
Other private sector companies aided US agencies to help take a key server offline on Saturday, cutting off key infrastructure “used by the hackers to store stolen data before that information could be relayed back to Russia.”
Many cybersecurity experts say this should be a “wake-up call” for everyone. Government and industry experts are weighing in about how private companies may be using best practices to their knowledge, but may not be incorporating the latest and greatest options in a timely manner to prevent attacks of this magnitude. One thing is for sure – there isn’t a shortage of cybercrime, and it’s everyone’s responsibility to do their part in preventing it.
Protect Your Business with CyberFort
CyberFort offers a full security suite with a multi-layered security approach. Instead of implementing piecemeal solutions to hopefully protect your weak spots, or implementing a security system that doesn’t reach the network’s full perimeter, you should tailor your cybersecurity solutions to your business, your data, and your processes.
CyberFort Advisors are here to partner with you for all your cybersecurity needs – we have a full range of SOC solutions that include antivirus and firewall solutions that can help you stop ransomware in its tracks. Contact us at 1 (866) 221-4004 or email info@cyberfortadvisors.com to learn more.