Infrastructure isn’t often the first thing that comes to mind when we think of cybersecurity and ransomware, but after the major Colonial Pipeline incident, that is likely to change.
On the evening of Friday, May 7th, the cyberattack was announced as all pipeline operations were halted. Three days into the attack, on Sunday, Colonial stated it was developing a restart plan. With fears of shortages and the prospect of rising gas prices becoming very real, the Biden administration issued emergency waivers that same day to lift restrictions on fuel transportation by road. Finally, at 5 p.m. ET on Wednesday, operations resumed.
Five days doesn’t seem like nearly enough time to cause a major disruption, but the reality is that even a single day offline would have led to significant interference. After all, Colonial transports 2.5 billion barrels of oil daily, delivering about 45% of the fuel consumed on the East Coast. The pipeline is connected to almost 300 distribution terminals, and its criticality to national infrastructure has made this attack one of the most disruptive incidents in the United States.
The Current Cyber Landscape
Cyberattacks run rampant. Hardly a day goes by when we don’t hear about a company falling victim to ransomware or the like. Not only is taking advantage of ill-prepared organizations incredibly lucrative for malicious actors, but it’s also often simple, with little investment needed.
Water, sewer, power plants, hospitals, airports, emergency services – any of these services being inhibited or shut down altogether could be devastating.
Imagine just a few scenarios:
- A sick individual not being able to receive critical care from a hospital or having a heat stroke because of a power outage
- An airport causing worldwide delays by going offline for even a few hours
- A village unable to provide clean water
Businesses of every type and size are under constant barrage, too. When a company experiences a cyberattack, it can lead to halted operations, significant hits to reputation, the loss of critical data and funds, and even the organization closing its doors. While not quite on the same level as an attack on infrastructure, these consequences shouldn’t be minimized.
The stakes are high for every organization, and because everything has become connected by technology, there absolutely needs to be a heightened emphasis on cybersecurity going forward.
Looking Ahead: Consider Inevitabilities
When it comes to safeguarding data, information, systems, networks, etc., vigilance is key. Whether a power plant or an SMB, organizations must first understand the threats and assess the current situation.
In most cases, there are several improvements that can be made, such as investing in physical and cyber risk management plans and implementing employee education programs. Segregating and controlling network access and constantly testing software are also worthwhile measures.
Of course, not everything can be prevented (a hard lesson for many to learn about cyberattacks) as no form of security is foolproof. For this reason, a backup and disaster recovery plan is essential. In the wake of an attack, having a detailed and organized plan set out will lessen downtime and the negative effects on those using the service. Consider how detrimental those five days were for Colonial Pipeline…
While your SMB isn’t supplying oil to the entire Eastern Seaboard, there are employees, customers, partners, and investors that rely on you. Don’t fall short by ignoring the essential need for advanced cybersecurity.