If you’re a fan of the show It’s Always Sunny in Philadelphia, you’ve no doubt seen a “gas crisis” and the drastic lengths that people may go to when one occurs, such as “the gang” hoarding barrels of gasoline and putting it in their car:
Well, cut back over to the real world and a real gas crisis, and things don’t look all that much different:
So, what’s the point?
The point is that these days, there is no sacred ground when it comes to a cyberattack.
Ransomware hits Colonial Pipeline
It’s hard not to have heard about the ransomware attack that shut down the Colonial Pipeline over the last few weeks. This pipeline supplies just under 50% of fuel consumed along the East Coast. Darkside, a Russian cyber attack group, shut down the pipeline for an entire week.
This attack sent gas prices skyrocketing over $3 a gallon in areas of the country where such a thing is normally never even a thought. In other areas of the country, up to 75% of gas stations were completely out of gas. It was the first time since 2014 that the average gas price across the country exceeded $3.
So yeah, it is safe to say this attack was kind of a big deal. Colonial Pipeline surrendered a $4.4 million ransom payment to the attack group to retrieve the decryption program. Unfortunately for Colonial Pipeline, the program ran so slowly that it was essentially useless.
“You get what you pay for?”
The Ransomware Problem
This attack continues to shed light on some troubling truths about these types of attacks. First off, ransomware continues to be the favorite method for many of these attack groups, a prediction communicated by cyber security experts and proven in reality.
For attack groups like Darkside, ransomware payments are money up for grabs if executed successfully.
In their response to the attack, Darkside mentions they are “simply trying to make money”. Ransomware continues to be one of the easiest ways for attackers to do that.
If an organization is ill-prepared for a cyberattack, specifically ransomware, it will likely pay the ransom. Getting systems back online, no matter the cost, is a better alternative than having to shut down completely. Understandable…maybe…no…not really.
Many organizations are not prepared for that moment where they could become the next victim. That could mean several things:
- Unaware Users
- Unpatched Systems
- Misconfigured Equipment and Software
- Weak Passwords
- Security Updates Undeployed
- Lack of proper backup procedures
- Top Management not Dedicated to Cyber Security
- Top Management not Dedicated to Cyber Security
- Top Management not Dedicated to Cyber Security
- One more time…
- Top Management not Dedicated to Cyber Security
Many times, it comes down to an “it’s not going to happen to us” mindset that leads to some of the shortcomings listed above and a lax security culture. Over time, all these shortcomings can build up into a ticking cyber time bomb, and when it blows, it can really blow.
Don’t be Another Victim
The historical examples are all there to prove how a lax security mindset can come back to harm organizations and the people they are there to serve. Look at Equifax. Look at the Oldsmar water treatment plant in Florida. Look at Colonial, like we are talking about here. The list goes on and on.
It is now more important than ever to take security seriously at the forefront and not deal with it after the fact, when it is much costlier for your organization or even takes it under. Some organizations are fortunate enough to recover because of their size; however, especially in the case of ransomware, there are a lot that are not quite so fortunate (if that’s what we want to call them).
The COVID-19 pandemic is finally winding down to an end in the United States and around the globe, but the ransomware epidemic is just getting started.