US pipeline hack to make ransomware risks a priority
US Colonial Pipeline’s operations have yet to be restored after last week’s crippling ransomware attack
Updated: May 17, 2021
Source: Sophos State of Ransomware Report, April 2021 and Gigamon Zero Trust Survey 2020
Outlook
Colonial Pipeline reportedly plans not to pay the USD5mn bitcoin-denominated ransom to the criminal hacking group DarkSide. The firm has restored from back-ups some of the 600 gigabytes of data stolen, but the hackers could release or sell the sensitive financial and personal data on the dark web, potentially facilitating future attacks.
The hack’s technical details will influence wider corporate cybersecurity. DarkSide appears to have successfully used its standard toolkit -- phishing to gain remote access log-in details -- spotlighting Colonial Pipeline’s inadequate network security architecture and staff training. The US government will push for wider adoption of zero-trust network security, which limits the ability of hackers to exploit one compromised account to gain access to other sensitive data zones.
Impacts
- Establishing robust cyber defence, response and recovery strategies is a high but necessary corporate cost.
- Cyber talent shortage, especially in emerging markets, will impede local industry and government efforts to boost cybersecurity.
- State actors are increasingly accessing the toolkits of private criminal actors by forging transactional collaborations.
See also
- Adoption of zero trust cybersecurity faces hurdles - Jul 5, 2021
- Efforts to curb ransomware crimes face limits - Jun 14, 2021
- US-Russian summit will not be a watershed moment - May 19, 2021
- Critical infrastructure sees rising cybersecurity risk - May 18, 2021
- Ransomware attacks on the West to pressure Russia - May 17, 2021
- Toshiba ransomware attack is warning for large firms - May 14, 2021
- Foreign cyberattacks will make US policy more coercive - Apr 6, 2021
- Tighter targeting will make ransomware more risky - Feb 8, 2021