fbpx
Mytek Logo
MyTek Logo

Cybersecurity Lessons from the Colonial Pipeline Attack

by | May 24, 2021 | MyTek Blog, Security

Q

Subscribe To The Blog

By subscribing to the blog, you will be notified when a new blog post is created on the site.

There has been a ton of news coverage about the recent cybersecurity breach of the Colonial Pipeline, which has caused significant gas shortages on the east coast. While it has not been restored, as the writing of this article, the way it was accomplished sets up a dangerous narrative. This attack has also set off bigger infrastructural changes in political spaces.

Let’s take a deep look at the situation to see what insights we can take away from this event.

The Colonial Pipeline Situation

A ransomware infection in the Colonial Pipeline systems was first noticed on May 7th. This prompted the fuel supplier to halt its pipeline operation on the southeast coast, in hopes that the malware would not spread any further. The attack was by a group called Darkside, who used a new method of attack called double extortion, which is where the cybercriminal locks data and threatens to leak it in order to get the victim to pay.

Darkside usually operates a cybercriminal service provider, in which they develop threats that other groups can use. 

When Colonial Pipeline halted its operations, it led to a part of the country suffering from a gas shortage. This led to hours waiting at the pumps and lack of gasoline. Even though they stated they would not be paying the almost $5 million in cryptocurrency the hackers demanded, it has been reported that they finally did so. 

This situation highlights a few serious concerns that need to be addressed by businesses everywhere. This also reveals a few things about the current state of cybersecurity in critical infrastructures.

Ransomware-as-a-Service is a Serious Threat

Darkside has become a prominent cybercriminal business in its short life, only seven months of existence, in which they’ve made at least $60 million. While the affiliate hackers retain most of the ransom fees, Darkside gets a cut because they handle a lot of the work. Darkside writes the ransomware, bills the targeted victims, hosts the data that has been stolen and serves as an IT and PR team for the cybercriminals.

Double Extortion Makes Ransomware Even Worse

Even though Colonial Pipeline had their data in a backup, they still had to pay the ransom fee. This is because the double extortion method was used. Instead of their data simply being deleted if it was not paid, they were also threatening to leak all of the data if they did not pay. This could have had huge repercussions and serious consequences. We obviously don’t recommend ransomware demands being paid out, but we understand why Colonial Pipeline did what they did to get out of this situation. 

Events Like These Will inspire Cybersecurity Improvements

U.S. President Joe Biden signed an executive order to boost cybersecurity protections, especially those surrounding critical infrastructures for the government and private sector companies of our nation. This created a task force committed to prosecuting hackers that use ransomware, and the removal of any barriers in contracts of reporting breaches. 

Cybersecurity is so important, and it won’t ever get any easier for businesses of any size. You should always take the proper security precautions to protect your business To learn more about security solutions available to you, give MyTek a call today at 623-312-2440.

ABOUT THE AUTHOR

Tim - Team

Tim Tiller, LMSW

 
Tim Tiller, MSW brings a deep service background to his role at Mytek, having graduated from McDonald’s management training program, fresh out of high school, and working his way up through the ranks in the hospitality industry. He has led two prior companies – Multi-Systems Inc., an IT-focused organization providing technology to hospitality companies (where he was named President at age 36), and most recently, as Chief Operating Officer for Jewish Voice Ministries International.

Q

Subscribe To This Author

By subscribing to the author, you will be notified when a new blog post is created by the author.

AUTHOR’S RECENT POSTS

Top 5 Hardware Monitoring Software 

Did you know that almost 40% of servers had at least one outage in the last twelve months? Veeam reports that the most common reason for outrages is infrastructure failure which puts the current hardware monitoring practices under the scanner. Hardware failures are...

Types of Mobile Malware & How to Defend Against Them

Malware has a long history of undermining computer security and stealing critical data. With the rapid growth of mobile usage, we're now seeing a new breed of mobile malware infecting smartphones and tablets. The new-age mobile malware are more advanced, seamless, and...

How to Protect Your Data Privacy & Enhance IT Security

Every time you use a device, you enter, modify or access data. Some of your usages are routine and public but sometimes you perform tasks that are confidential in your personal life or business. Naturally, this type of data is private and it should be kept that way....

Mobile? Grab this Article!

QR Code

Blog Archive

Share This