Everything you need to know about the ransomware attack on Colonial
Pipeline
GET UP TO SPEED: Ransomware is rampant.
The biggest fuel pipeline in the United States was shut down in recent days
after hackers stole some one hundred gigabytes of data
from Colonial Pipeline and threatened to release it unless the company paid
up. The hack has been tied to an Eastern European (and possibly
Russia-based) collective known as DarkSide, and US President Joe
Biden has said that Russia bears some responsibility for the hack, even
though the attack does not appear to have been state-sponsored. How can
companies fight back against this rising trend of ransomware attacks? What
can the Biden administration do? And what will this mean for the prices you
pay at the pump? Our experts are here to fill you in, free of charge.
| |
|
A RISING THREAT
·
Colonial Pipeline is aiming to restore most of its
operations by the end of this week, as lines of panic buyers form at gas
stations across the Southeastern United States. Cynthia says any increase in
gas prices “is likely to be mildly escalatory and short-lived.”
But she adds that the hack “exposes
the soft underbelly of the nation’s critical energy infrastructure.”
·
If a company like Colonial, which should have the
resources for robust cyber defenses, could be “paralyzed,” Cynthia adds, that means
smaller companies are even more vulnerable to attack. “In that circumstance, an
environmental, explosive, or economic catastrophe might not be
averted.”
·
The threat goes well beyond energy. The Colonial
Pipeline hack is one of the most high-profile ransomware incidents in
recent years, but it’s part of a surging trend, David points out. According
to data compiled by the GeoTech Center, the global cost of ransomware attacks soared
from $11.5 billion in 2019 to $20 billion in 2020, with the
average downtime for an organization rising from 6.2 days to 16.2 days.
·
“The good news is technology is getting democratized,
and the bad news is technology is getting democratized,” David says. Ordinary “people can do things that
only sophisticated nation-states could do 40 years ago.”
HOW TO FIGHT BACK
·
If everyone is at risk, how can companies prepare? Andy suggests developing a “Plan
B” in case your operations are shut down and making sure all your IT “crown
jewels” are “fully backed up off-line and restorable.” He
adds that “conducting recurring and very realistic exercises will let you
know whether your plans work or need revision. Do all of that, then rinse
and repeat, and don't stop.”
·
David floats another idea:
space. Commercial satellites can be used to store company data as a backup.
“If you have
something that compromises ground-based assets, then you move to the space
cloud,” he says.
·
But couldn’t someone just hack your satellite? David says communication to
space assets would be limited, via only laser modems that would catch the
satellite as it passes overhead. “You have a little more control than over
the regular internet,” he says.
THE ROLE OF GOVERNMENT
·
Biden on Monday promised a “global effort” led by the US
Department of Justice against “transnational criminals,” along with
new public-private collaboration to improve cybersecurity. But Cynthia notes that the
government’s role of coordinating cybersecurity and advising private
companies “is
daunting and grossly underfunded.” When there’s a massive
breach, the typical solution would be for the government to take over, but
“there is no clear solution, no clearly articulated vision of what the
government would do if it took over.”
·
David urges more transparency
from governments and particularly private companies when they do get
hacked. Right now, many of them withhold information because they fear
reactions from customers or shareholders. But if we could map ransomware
attacks with the same precision that we have for COVID-19 cases, for
instance, it could be a real wake-up call.
·
“We’ve got cyber fatigue,” David says. “No one event is
going to motivate people to do anything. It’s when you quantify"
security breaches that more people will get involved in fixing it. “The solutions will come not from
policymakers, but from entrepreneurs.”
Dive deep on cybersecurity →
|
|
No comments:
Post a Comment