By Mark Damm, Founder and CTO
Fuel shortages, panic buying and rising gas prices. The Colonial Pipeline attack is having a huge impact on our day-to-day lives, and it is on track to be one of the most economically damaging attacks.
Right now, we don’t know the details of exactly how this attack was carried out, and we probably never will. We do know it was the result of ransomware, so we can probably make some reasonable assumptions about what happened. Most likely an employee clicked a link in a cleverly disguised email, unwittingly providing hackers with credentials and access to their systems.
I am sure that the Colonial Pipeline situation will be studied in detail, and we may even see some recommendations or policy changes in the future. But for now we ALL remain the target of criminal ransomware gangs, so it pays to be aware.
If a highly secure critical infrastructure provider can fall prey to ransomware, so can you. If you’re concerned about your security, consider the following three questions:
- Are your employees accessing email and other phishing targets, such as USB ports, in the same place they access critical systems? Secure virtual desktops can lock down critical employee workstations.
- Are your networks segmented appropriately? IT (information technology) systems should be separate from OT (operational technology) to prevent damage to physical equipment and systems.
- Are the third-party applications and software you are using safe? Small and mid-sized software operators often lack the features required for secure operations, such as multi-factor authentication and private networking.
These are the first areas my mind went to when this attack came to light. I am sure there are many others. Do you need help securing your critical infrastructure? We can help. Contact us using the form below and we’ll be in touch.