BNMC Blog

What Can Businesses Learn from the Colonial Pipeline Ransomware Attack?

What Can Businesses Learn from the Colonial Pipeline Ransomware Attack?

The recent hack of Colonial Pipeline has led to no shortage of problems, chief among them gasoline shortages all across the east coast of the United States. The pipeline’s operations may have been restored, but the question still remains: what could have been done to stop it, what can we learn from this incident, and what changes can we expect to see as a result?

Let’s take a closer look at the Colonial Pipeline ransomware attack and what can be learned from it.

What Happened at Colonial Pipeline?

Ransomware was first discovered at Colonial Pipeline on May 7, 2021, thus prompting the facility to shut down pipeline operations along the southeast coast. This shutdown was initiated out of an abundance of caution so that the malware could not spread to other parts of the system. The group in question, an organization of newcomers called DarkSide, used a dirty new trick in the ransomware hacker’s methodology called double extortion, where the cybercriminal forces the victim to pay by threatening to leak the encrypted data out into the world (in addition to making them pay to get the data back).

DarkSide itself has earned a reputation as a cybercriminal service provider. They develop threats, then issue them to groups, kind of like a malicious Software-as-a-Service offering.

When Colonial Pipeline put a stop to the threat, the supply chain for gasoline was so disrupted that gas shortages became abundant. Many people panic-bought gasoline in response to this, not unlike the beginning of the COVID-19 pandemic when it became hard to find simple household goods like toilet paper or cleaning supplies. 

Did Colonial Pipeline pay the piper in the end? The company initially refused to shell out the $5 million in cryptocurrency demanded, but reports show that they ultimately did so. After receiving the payment, Colonial Pipeline was given a slow decryption tool that was used in conjunction with their own backup solutions.

Such a major hack was sure to spark some conversation about cybersecurity and infrastructure as a whole, so what lessons can be gleaned from this scenario?

Ransomware-as-a-Service is a Major Problem

DarkSide managed to build a network of affiliate hackers to collaborate on services and share in the profits. With a net gain of at least $60 million in the first seven months, it is clear that these services are in high demand. The affiliate hackers keep most of the ransom fees, whereas DarkSide handles the majority of the work, performing tasks such as writing the ransomware, billing victims, hosting the encrypted data, and acting as IT support or public relations.

All in all, it is a remarkably sophisticated arrangement; one that should have every business professional concerned. By making ransomware so much more accessible, literally anyone can direct an attack under the right circumstances.

Double Extortion is Double the Trouble

Normally a data backup would be enough to make a ransomware attack null and void. After all, the organization in question could simply restore a backup from a point before the ransomware infected the system.

Unfortunately, even though Colonial Pipeline did have a data backup system in place, the double extortion method forced them to pay the hackers in the end. If the user does not pay up, the hacker could just threaten to release the data to the world, and if that data is sensitive in nature or holds trade secrets, the ramifications could potentially be more devastating to a business than a massive ransom. In this case, it makes sense for Colonial Pipeline to pay up, as the decision was likely influenced by government regulations and public opinion, but we think it’s safe to say that this method will be used to a large degree of success in the years to come.

These Situations Can Inspire Cybersecurity Innovations

One way in which governments and other private sector companies are fighting back against these types of threats is by boosting cybersecurity protections for critical infrastructure. In particular, an executive order from United States President Joe Biden has created a task force to prosecute hackers that use ransomware. This order clears the way contractually for federal agencies to report severe data breaches, which are now expected to be within three days of the incident. These devastating attacks on critical infrastructure demand considerable action, and these improvements are just the beginning.

The future might be uncertain, but you can remain certain that your organization will be at risk of hackers and other cybersecurity threats if you fail to take the necessary precautions against them. BNMC can help your business toward that end. To learn more, reach out to us at 978-482-2020.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, June 15 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.bnmc.net/

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Productivity Business Computing User Tips Cloud Email Privacy Software Network Security Hackers Efficiency Business Computer Workplace Tips Microsoft Data Hardware Google Hosted Solutions Malware IT Services Internet Innovation Communication Mobile Device Mobile Devices Smartphone IT Support Small Business Android Phishing Users Ransomware Cloud Computing Tech Term Data Recovery Backup Managed IT Services Cybersecurity Information Windows Smartphones Quick Tips Saving Money Miscellaneous Outsourced IT Disaster Recovery Passwords VoIP Upgrade communications Network Browser Data Backup Facebook Microsoft Office Business Management Social Media Windows 10 Business Continuity Server Collaboration Managed Service Office 365 Gadgets COVID-19 Productivity Managed IT Services Internet of Things Apps Remote Work Artificial Intelligence Windows 10 Data Management Infrastructure Analytics Gmail Word App Save Money Mobile Office Vulnerability Information Technology Remote Monitoring Managed Service Provider Router Conferencing Money Remote Workers Spam WiFi Encryption Government Chrome VPN Holiday Access Control BYOD Data Security Applications Display Compliance Company Culture Website Automation Remote IT Support Tip of the week Employer-Employee Relationship Virtual Reality Paperless Office Google Drive Networking HIPAA Settings Virtualization Computers Unified Threat Management IT Management Education Business Technology Apple Storage Virtual Private Network YouTube Maintenance Firewall Risk Management Hacker Data storage Managed Services Document Management Employee-Employer Relationship Robot Office Tips Wireless Computing Avoiding Downtime End of Support Operating System Antivirus Development Social Big Data BDR Bandwidth Wi-Fi Content Filtering Cryptocurrency Vendor Mobile Security IT Social Network Free Resource Going Green Data loss Server Management Retail Alert Telephone Systems Business Intelligence desktop iOS Touchscreen Managed IT Images 101 Printing Tablet Password How To Monitors Regulations Blockchain Vendor Management Chromebook MSP Augmented Reality Managing Stress Solid State Drive Two-factor Authentication Outlook Laptop Patch Management Managed IT Service Identity Theft OneNote Bring Your Own Device The Internet of Things Training Data Breach Customer Relationship Management Scam Remote Computing Hard Disk Drive Windows 7 LiFi Budget Humor Software as a Service Break Fix Hosted Solution Best Practice Cybercrime Search Administration Downtime SaaS Marketing Mouse RMM Solar Entertainment Dark Web Assessment Digital Signage Data Warehouse Network Management Google Docs Shortcuts Mobile Management Cyber Monday Smart Tech IT solutions Monitoring Solid State Drives Dark Data Update Policy Work Legislation Employees Voice over Internet Protocol Hacks Employee-Employer Relationships Cooperation Service Level Agreement Streaming Processor Banking Bitcoin Hybrid Cloud Halloween Microsoft Excel Politics Hotspot Holidays Internet Exlporer Digital Payment Google Wallet Troubleshooting Business Analysis SharePoint Meetings Business Growth Disaster Security Cameras Profiles Smart Technology Work/Life Balance Distribution Connectivity Digital Spying National Security Techology Customer Service IT Technicians Procedure Optimization Memory Statistics Office Samsung Modem Gig Economy FinTech Analysis Students Lenovo Health Private Cloud Staff Leominster Legal Human Error Reviews Windows 8 Scalability Scary Stories Mail Merge Tech Support Language Payment Card Value Unified Communications Drones Virus Downloads Recycling Uninterrupted Power Supply Utility Computing Running Cable Shortcut Distributed Denial of Service Logistics IoT 2FA Spyware Updates VoIP Unified Threat Management Mirgation PCI DSS Device Reducing Cost Bluetooth Comparison Social Engineering Cookies FBI Computer Care Mobile Device Management IBM Mixed Reality Buisness Firefox Superfish K-12 Schools File Sharing Deep Learning Twitter Social Networking Migration Consulting Sports Address Permissions Websites Computing Infrastructure Inventory Professional Services LED Threats Virtual Desktop Chatbots Battery eWaste Alt Codes Laptops Asset Management Star Wars Workstation PowerPoint User Error Mobility Batteries Specifications Safety Nanotechnology K-12 Education Corporate Profile Wearable Technology Peripheral Network upgrade Multi-Factor Security Motherboard user treats Cables G Suite Alerts Shadow IT USB Automobile Co-Managed IT Heating/Cooling Identity Files Continuity Typing Dell Managed Services Provider Fraud Memes Cost Management Onboarding GDPR Time Management Printer Network Congestion Cabling Print Toner Myths Black Friday Screen Reader Instant Messaging Charging Current Events WannaCry Slack Hard Disk Drives Management Smart Office Servers Google Calendar Writing Shopping Wires Messaging Emergency Licensing Gamification Dongle Google Maps Content Huawei Web Server what was your? Unsupported Software IT Budget Regulation GPS IT Consultant Computer Repair Relocation Cameras Mobile Data How To Tracking Recovery Cleaning Black Market CCTV Printers Webcam Law Enforcement Notifications Electronic Medical Records Physical Security Error Point of Sale Ben McDonald shares Upgrades Gadget Emoji Crowdsourcing Mobile Computing Travel Personal Information Botnet Financial 3D Printing Supercomputer CrashOverride Cortana Motion Sickness Staffing Processors Taxes Machine Learning Administrator

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3