This past Thursday, a ransomware attack on computer systems that run the Colonial Pipeline caused a temporary shutdown of a large swath of critical infrastructure. Hackers infiltrated the system, locked about 100 gigabytes of data, and held it hostage in exchange for a ransom. They even threatened to leak the data on the internet in the event the ransom is not paid. In a briefing, the FBI confirmed that a group called DarkSide was responsible for the security breach.
The bad news: In response, the Colonial Pipeline Co immediately took certain systems offline in order to mitigate the threat. Since this particular pipeline supplies 45 percent of the gasoline and jet fuel to the southern and eastern United States, a severe shortage of gas and jet fuel is ongoing.
The good news: The hack did not directly affect the pipeline itself, but the shutdown was necessary as a precautionary measure to prevent the threat from spreading farther into the system. Business systems were protected, as well as those that operate the pipeline itself. We can all breathe a sigh of relief, knowing that criminals are not controlling the pipeline.
However, there is still the shutdown to be dealt with. With gas supplies running low, stations selling out within hours of deliveries, and prices skyrocketing, concerns remain for a large section of the country’s infrastructure. Everything from school and work attendance, to delivery of critical supplies could be affected in coming days.
The larger concern, of course, is that hackers could and did disrupt such a significant part of the country’s infrastructure. But it’s important to remember that while these more dramatic stories tend to make national news, ransomware and other types of attacks happen daily. Hackers actually target small businesses more frequently than they do larger ones, because smaller organizations tend to employ fewer security measures overall. Therefore, while the payoff is much lower than the ransom demanded of a large oil company, the work is much easier and offers swift “results”.
For this reason, we urge smaller businesses to never assume that you are immune from ransomware attacks! If you deal with data – and everyone does, to some degree – then you must employ the best network security methods available to you. For more information on that, call us at 888-RING-MY-TECH and we’ll help you troubleshoot and secure your system.
And remember: Never pay a ransom. Doing so only encourages more of this behavior. Keep all sensitive data backed up securely at all times, so that its theft would trigger only a disruption and not a complete loss.