While most of us were celebrating Mother’s Day on Sunday, Colonial Pipeline was attempting to assess the damage related to a cyber-attack last week. Colonial Pipeline accounts for 45% of the East Coast’s fuel (diesel and petroleum). Colonial has had to take 4 of their main pipelines offline; they are operating off of smaller lines and delivery points. Impacts from New Jersey down through Texas are expected. As a response to the cyber-attack and the limitation of the company’s resources, the US government issued emergency legislation to lighten the regulation on fuel transportation. Extended shutdowns are “fueling” fears over pump prices.
The 5 key anticipated cybersecurity risks in 2021 were reported as endpoint threats (servers, VPNs and cloud-based software services), remote workforce exposures (weakened network security of remote devices), cloud security (business-critical data on cloud platforms), and shortage of security professionals or services (availability and affordability). You can check out the full article on expected cyber threat trends for 2021 here.
Newer threats emerging are “multi-stage attacks like ransomware or ‘low and slow hacks’”. Ransomware attacks gain exposure through stolen credentials and are designed with the goal of systems and data infiltration. While multi-factor authentication (MFA) is an important security feature to mitigate ransomware attacks, it is reported that 78% of Microsoft 365 admin users don’t activate MFA.
Colonial Pipeline’s hack is reported to be a ransomware attack: “Sources said the ransomware attack was likely to have been caused by a cyber-criminal gang called DarkSide, who infiltrated Colonial’s network and locked the data on some computers and servers, demanding a ransom on Friday.
The gang tried to take almost 100 gigabytes of data hostage, threatening to leak it onto the internet, but the FBI and other government agencies worked with private companies to respond. The cloud computing system the hackers used to collect the stolen data was taken offline on Saturday, Reuters reported.
Colonial’s data did not appear to have been transferred from that system anywhere else, potentially limiting the hackers’ leverage to extort or further embarrass the company, the news agency said.” You can read the full Colonial Pipeline article issued by BBC News here.
Mitigate Your Cyber Security Risks
1 – Identify and document asset vulnerabilities; what data are you storing?
2 – Identify and document internal and external threats; disgruntled employees, Dark Web techniques
3 – Assess your vulnerabilities; software security up to date and in place
4 – Identify potential business impacts; financial, operational, etc.
5 – Identify and prioritize your risk responses; response plan, best practices, documentation of procedures