On May 8, 2021 Colonial Pipeline, an operator of a major gasoline pipeline based in Alpharetta, Georgia, fell victim to a major cyber-attack resulting in the shutdown of all its pipeline operations. Colonial Pipeline currently supplies approximately 45% of the fuel supply to the US East Coast. It is unknown at the present time how long the pipeline operations will be down, if they are down for an extended period this would likely affect the price of gasoline.
Colonial Pipeline was attacked by a ransomware threat. Ransomware is a type of malware that will target data and hold it hostage until the demands of the hacker are met. Sometimes ransomware can also lock down a system and block access to systems until demands are met.
Typically, the demands of the hacker are financial and will require the payment of a sum of money until the data is released or access to the systems is restored. Colonial Pipeline has not released any details on the specifics behind their attack other than they were attacked by ransomware and are moving quickly to resolve the cyber-attack and restore operations.
Ransomware is on the rise. According to the U.S. Federal Bureau of Investigations, there were over 2,400 reported ransomware incidents in 2020 with a financial impact of over $29M. The primary method of a ransomware attack begins with a phishing email campaign. Phishing is when the attackers will send a malicious email designed to convince individuals to click on a particular link. Once a person clicks on the link, it opens the door for the hackers to gain access to data and/or systems.
The repercussions of a ransomware attack can be devastating to a business. Beyond the financial impact, a business can suffer the loss of trust among customers, and damage to its reputation. Not surprisingly, ransomware can attack any type of business large or small. Cyber criminals are very savvy at targeting organizations and do not discriminate against businesses, schools and educational facilities, hospitals and healthcare providers, government agencies, and non-profit entities.
Can you prevent a ransomware attack? While there is no bullet-proof method to prevent a ransomware attack, there are measures that can be implemented to help prevent a ransomware attack or minimize the impact to your business in the event of a ransomware attack. The most important preventative measure is for a business to have a thorough Cybersecurity Incident Response Plan.
Today it is not a question of if but rather a question of when you will be subject to a cybersecurity incident and being prepared is critical. In addition, it is equally as important that a business implement the following measures to protect themselves against ransomware and other cyber-attacks:
- Stay up to date on all operating software and backup your data on a regular basis.
- Provide training and awareness to employees so they know how identify a possible phishing email.
- Review your IT program to ensure you have up to date cybersecurity tools implemented.
A cyber-attack of any kind can cripple the operations of a business. A ransomware attack can have a significant financial impact on your business’ bottom line.
At the Barone Defense Firm, we have lawyers on staff to assist your business at the development of a Cybersecurity Incident Response Plan and can serve you as counsel in the event that your business falls victim to a cyber related incident.