One of the biggest cybersecurity stories in recent history is the ransomware attack on Colonial Pipeline. In fact, it is still impacting gas stations across the East and Southeast!
The pipeline spans from the Gulf Coast to the East Coast and transports about 2.5 million barrels of fuels and other refined petroleum products every day over a span of 5,500 miles. The Colonial Pipeline travels from Houston, Texas up through Linden, New Jersey.
On May 7, 2021, the company needed to temporarily shut down its pipeline operations due to a cyberattack. This had a far-reaching impact since the Colonial Pipeline supplies about 45% of the fuel supply used by the East Coast.
People began panic-buying and gas stations started running out of fuel. At least 12,000 gas stations across the East reported being empty and the shortage was felt across 11 states. Gas prices also began to rise above the $3 mark and there have been multiple reports of price gouging.
All of this came from a single ransomware attack and lack of proper cybersecurity.
On May 12th, Colonial Pipeline announced that operations had resumed. It is reported that the company paid close to $5 million in bitcoin ransom to the attackers to regain control of its systems.
The FBI has confirmed that the hacking group that perpetrated the attack is DarkSide. They are a criminal group that is suspected of being a Russia-based state-sponsored group.
An interesting thing to note about DarkSide is that it runs a ransomware-as-a-service operation. This means that it sells tools to help other bad actors carry out their own ransomware attacks. Unfortunately, this one-too-many model has been seen more often in the hacking world where hackers will sell “kits” with the ability to conduct all kinds of attacks.
Troubling Ransomware Statistics
Ransomware attacks happen to companies of all sizes and can be costly. Regardless of what type of business that you have, it is important to defend against these types of attacks.
Ransomware costs have been skyrocketing due to several factors:
- Companies that pay the ransom (like Colonial Pipeline did) embolden the hackers. Now they see this as a good way to make a lot of money.
- Hacking groups like DarkSide have made it easier for novices to conduct ransomware attacks through ransomware-as-a-service.
- Ransomware is a type of malware attack that offers a direct payout to the attacker instead of the hacker needing to steal data and then resell it.
According to the Sophos State of Ransomware 2021 report, the average cost of remediating a ransomware attack has more than doubled in the last year.
Cost of remediating a ransomware attack:
- 2020: $761,106
- 2021: $1.85 million
When you compare this to the average ransom demand being $170,404, you can see why companies end up paying a ransom to the attackers. It can cost 10 times more to undo the damage!
However, this just feeds into the cycle that causes more attacks and higher ransom demands.
Tips to Bolster Your Ransomware Defenses
The costs of becoming a victim of ransomware are high. This is especially true if you are a small business that can’t absorb the remediation costs. Fighting ransomware includes using multiple strategies to keep your devices and data protected.
Use Multi-Factor Authentication
Cloud applications can also be infected with ransomware. This type of attack isn’t just limited to computers and servers. One of the best ways to prevent breaches of your cloud accounts is through the use of multi-factor authentication for all of your logins.
Keep Your Network Continuously Monitored
You want to ensure that you have threat monitoring in place through managed IT support and systems like a firewall with advanced threat protection (ATP). ATP systems can identify threats and neutralize them without needing user interactions. This helps to stop ransomware and other malware before they can infect your system.
Use DNS Filtering
A majority of phishing attacks happen through malicious websites that trick users into clicking. DNS filtering can block a user from loading a page that injects their system and your network with malware.
Deploy Email Filtering
Email filtering is another important phishing defense. It can keep phishing and spam out of user inboxes. This significantly reduces your risk of falling victim to an attack.
Secure & Monitor Endpoints
Mobile devices now make up about 60% of the endpoints in a company. However, companies are often not properly protected from data being accessed by employee mobile devices.
It is important to have an endpoint device management system in place that allows you to properly secure employee devices that are used for business. This includes automatically applying updates and security policies and ensuring that they have malware protection.
Back Up All Business Data
If you’re hit with ransomware, you can drastically decrease the remediation costs if you have all your data (on-premises and cloud) properly backed up and easily recoverable.
It is important to use a backup and recovery system that is designed for fast recovery (not all are). This mitigates downtime costs, eliminates the need to pay a ransom and allows you to remediate the attack and return to normal operations quickly.
Is Your Business Properly Protected from Ransomware?
Sound Computers can help your Connecticut business ensure your IT security strategy has you properly protected against ransomware and other emerging threats.
Contact us today to schedule a free consultation. Call 860-577-8060 or reach us online.
Finding new features in the tools you already use is like a gift. Some features can translate into significant time and cost savings. However, that is only if you know that they are available to use and how to use them.Read more
One of the challenges for companies that are optimizing their technology along with their bottom line is choosing the smartest investments. This includes a balance of cost and affordability along with the savings and efficiency advantages.Read more
There has been a troubling rise in the number of attacks that target the very operating instructions that make a device function. The firmware layer sits outside of the operating system and holds most of the control over how the hardware interacts with other software (like an operating system). Read more
Putting together a robust cybersecurity strategy that keeps you fully protected is getting to be more complex all the time. Hackers are constantly coming up with new attack methods as well as organizing their efforts to make attacks more effective.Read more
Compromised passwords are a major cybersecurity issue regardless of the size of your business. In 2019, 80% of data breaches were due to stolen or hacked login credentials.Read more
Over the last decade, businesses have been going through a transition to the cloud. Some have been adapting faster than others, but most organizations have realized that the cloud is the future of any type of optimized and resilient business operation.Read more
Whether companies use IT support on an as-needed basis or use monthly managed IT services, they need a technology expert to help keep their tech running smoothly.Read more