As an IT Support and Managed IT Provider, we make it our business to know what security risks each of our client’s systems face. Unfortunately, not all businesses realize the internal and external threats they may encounter. Ransomware is one such threat that can bring a business, and more recently, an entire industry to its knees. While we handle mostly small to medium-sized businesses in the healthcare, dental, and professional fields, we thought it important to point out a ransomware attack that occurred last month at the Colonial Pipeline Company. The attack shut down operations, caused a fuel shortage, and then snowballed into panic buying of gasoline in states located in the southeast region of the United States.
What Happened to Colonial Pipeline?
Colonial Pipeline operates a main gas artery along the East Coast of the United States. On May 7, 2021, the company informed the F.B.I. that there was ransomware on its system. The F.B.I. believes it was placed there by a group known as Darkside. Bloomberg reported that, “hackers stole about 100 gigabytes of data as part of a double-extortion scheme.”Usually in a ransomware attack data is stolen and a ransom is demanded in order for the information to be accessed again. In a double extortion scheme, the cyber criminals threaten not only to hold the data hostage but to also expose the information.
How Did Colonial Pipeline Respond?
In order to contain the threat, Colonial Pipeline immediately took certain systems offline. In doing so they also temporarily halted all pipeline operations. This is where the snowball begins to roll. It is important to note that Colonial Pipeline operates in 14 states across the southeast. Their operations include seven airports, and pipelines that carry more than 100 million gallons of fuel per day! They are currently working with shippers to deliver fuel along the over five thousand miles of pipeline that they control in an attempt to stop the fuel shortage.
The Damage Is Done
In response to consumer fears of another pandemic-like shortage similar to the toilet paper shortage we all experienced in March 2020, the Department of Transportation agency posted a regional emergency declaration for 18 states and Washington, DC. The state of emergency was declared "in response to the unanticipated shutdown of the Colonial Pipeline system due to network issues that affect the supply of gasoline, diesel, jet fuel, and other refined petroleum products throughout the affected states." Sadly, the damage was done and the news of the shutdown caused massive panic buying by consumers fearing they would be left without gas for an indeterminate amount of time.
Defending Against Ransomware
What can we learn from this event? We can takeaway from this ransomware event the reminder that certain security actions should not be taken for granted or put off for a better time. Here are a few suggestions that every business should consider to prepare themselves for a potential ransomware attack.
Conduct regular backups and store them away from your system. This can help in recovery and getting back to business in the case your data is held hostage.
Don’t ignore regular software updates that will have the most recent security updates.
Patch when possible.
Conduct penetration testing to see where vulnerabilities exist.
Increase your access control security.
Talk to your Managed IT Provider about ways you can protect your data from hackers.
