Colonial Pipeline Attack: How to Prevent Ransomware

Colonial Pipeline Attack: How to Prevent Ransomware

I am sure by now that you are aware of the cyber-attack that forced the Colonial Pipeline offline. This pipeline delivers about 45% of the fuel consumed to the East Coast, runs from the Gulf Coast to the New York metro area, and transports 2.5 million barrels of petroleum products each day. Given that this pipeline is a vital piece of U.S. infrastructure, even the President has been involved in the response.

From relaxing DOT regulations to mobilizing federal agencies, unlimited resources were made available to help restore operations. BUT STILL…

…the pipeline was out of operation for 5 DAYS!
…a $5 million ransom (a bargain really) was paid to TERRORISTS!
…there is NO GUARANTEE that vital information which was accessed won’t still be published!

If a similar attack happened at your company, what would be the impact? Without government support? Without relaxed federal regulations? This cyber-attack exposes the level of severity and impact of ransomware threats that the energy industry faces today.

Although there are no guarantees that your company will not be a victim of cyber-attacks, there are some basics steps that should be taken to mitigate the risk of a similar catastrophe unfolding for you, such as:

Conduct Regular Security Assessments

When was the last time you did a comprehensive vulnerability assessment? I mean, truly comprehensive – software, hardware, digital access, physical access, written policies, response plans, insurance, etc. Cybersecurity risk assessments are critical for helping to identify potential vulnerabilities and implement mitigation plans before it is too late. If you haven’t done a comprehensive assessment in the last 12 months, now is the time.

Verify Systems Are Updated 

Delaying or canceling software updates exposes you to a big security risk. Software updates include repairing security holes that have been discovered, adding new features to devices, and removing outdated versions, which could make the network vulnerable for hackers to get in.

 Utilize Proper Tools

Most people are aware that enterprise-level firewalls are required to protect your systems and data from the outside world. Firewalls alone are not enough. Multi-factor authentication should be in place on EVERYTHING. Privileged access management can help protect sensitive information. Modern anti-malware tools can scan both on-premise and cloud environments for hybrid networks. Dark-web monitoring can identify compromised accounts and systems before they have been exploited. Modern governance, risk, and compliance software can help streamline the management, auditing, and reporting on IT-based risks.

Train Your Staff

90% of data breaches are the result of employees unwittingly letting malicious actors in through the front door. They are the most vulnerable component of your network. Conduct regularly scheduled security training for your staff. Provide awareness of the threats they are most susceptible to, and train them on how to identify those threats. Deliver hands-on testing that goes beyond the “check-the-box” online videos.

Secure Your Home Environment

Your company’s network may be adequately protected, but what about your home network? Your employees' home networks? Organizations these days must take steps to extend information security beyond the office, particularly for high-profile targets.

I urge you to take this recent catastrophe as an opportunity to learn before it is too late. Revisit your controls, your backup situation, your response plan, your information security budget, your cyber insurance policy. Now is the time to take action. Contact Us and learn how we can help you implement this policies.