Print Friendly, PDF & EmailPrint
  • Gasoline Fuel Exports

Colonial Pipeline Attack: 3 Key Takeaways

Published On: July 9th, 2021Categories: blogBy
Print Friendly, PDF & EmailPrint

In May, the Colonial Pipeline attack opened the eyes of business leaders and government officials across the United States to the significant and immediate risk ransomware posed to organizations around the world.

For nearly a week, a ransomware attack on the pipeline, which provides around 45 percent of the gas and fuel to the East Coast of the United States, halted operations as the company worked to recover its data and ensure safety. Ultimately, Colonial Pipeline paid $4.4 million of ransom to attackers to speed up recovery.

While the pipeline is currently back up and running, there are many lessons that businesses in every industry can learn from the incident to ensure they’re protecting themselves from a similar fate. Here are three takeaways:

Ransomware attacks on the rise

Ransomware attacks were up 150 percent year over year in 2020, and 2021 seems to only have increased the rates of attacks further. Since the Colonial Pipeline attack in May, we have also seen significant ransomware attacks hit global meatpacking company JBS, the Irish health system, and more. The White House urged companies to protect their networks against attack.
The reality is that organizations of every size and industry are being hit by ransomware, disrupting operations and, in some cases putting the company out of business altogether. Companies and the managed service providers (MSPs) that support them need to educate themselves in this threat and take the necessary steps to mitigate this risk.

Importance of basic cybersecurity hygiene

— While the impact of the Colonial Pipeline attack was significant, its cause was just a single compromised password. This underscores the importance of basic cybersecurity hygiene in mitigating the risks of an attack. According to an advisory put out by the Cybersecurity & Infrastructure Security Agency (CISA) following the attack, organizations should ensure cybersecurity basics, such as multi-factor authentication, updating software, filtering network traffic, and implementing user training programs.

MSPs can play a critical role in helping businesses evaluate their current protections and ensure cybersecurity hygiene is maintained regularly.

Need for critical infrastructure security

— As more organizations look to leverage the benefits of connected critical infrastructure systems, they also need to mitigate the new risks that may pose. Part of the reason the Colonial Pipeline took so long to recover was to ensure the safety of the company’s critical infrastructure systems, which stretch across more than 5,500 miles of pipeline. Organizations or their MSP partners need to make sure they are using the appropriate technologies to segment these IT-OT assets.

For an MSP, these takeaways represent areas that they can leverage to educate their customers and implement solutions to mitigate those risks. While the Colonial Pipeline attack was a devastating event, it can also hopefully serve as a learning experience for organizations and MSPs everywhere to improve their cybersecurity posture against today’s threat landscape.

Share this entry

You might also like
Unveiling 5 Little-Known Zoom Tricks to Elevate Your Virtual Meetings
Unveiling 5 Little-Known Zoom Tricks to Elevate Your Virtual Meetings
Gallery

Unveiling 5 Little-Known Zoom Tricks to Elevate Your Virtual Meetings

April 12th, 2024
5 Key Strategies Employed by Managed Service Providers (MSPs)
5 Key Strategies Employed by Managed Service Providers (MSPs)
Gallery

5 Key Strategies Employed by Managed Service Providers (MSPs)

March 22nd, 2024
Navigating IoT and Cybersecurity
Navigating IoT and Cybersecurity
Gallery

Navigating IoT and Cybersecurity

March 8th, 2024
Best Information Technology Person
Is This You? Time to Reevaluate Your IT Partner
Gallery

Is This You? Time to Reevaluate Your IT Partner

February 16th, 2024