1. Home
  2. Sectors
  3. Security / Defence

US pipeline hack to make ransomware risks a priority

Thursday, May 13, 2021

US Colonial Pipeline’s operations have yet to be restored after last week’s crippling ransomware attack

Updated: May 17, 2021

Ransomware attacks on the West to pressure Russia · All Updates

Infographic exploring the spread of ransomware attacks in 2020, looking at geographical spread, the sectors that were most impacted, and which sectors were most likely to pay a ransom.

Source: Sophos State of Ransomware Report, April 2021 and Gigamon Zero Trust Survey 2020

Outlook

Colonial Pipeline reportedly plans not to pay the USD5mn bitcoin-denominated ransom to the criminal hacking group DarkSide. The firm has restored from back-ups some of the 600 gigabytes of data stolen, but the hackers could release or sell the sensitive financial and personal data on the dark web, potentially facilitating future attacks.

The hack’s technical details will influence wider corporate cybersecurity. DarkSide appears to have successfully used its standard toolkit -- phishing to gain remote access log-in details -- spotlighting Colonial Pipeline’s inadequate network security architecture and staff training. The US government will push for wider adoption of zero-trust network security, which limits the ability of hackers to exploit one compromised account to gain access to other sensitive data zones.

Impacts

  • Establishing robust cyber defence, response and recovery strategies is a high but necessary corporate cost.
  • Cyber talent shortage, especially in emerging markets, will impede local industry and government efforts to boost cybersecurity.
  • State actors are increasingly accessing the toolkits of private criminal actors by forging transactional collaborations.

See also