Ransomware Shut Down US Pipeline

One of the nation’s largest pipeline operators was forced to shut down their network Friday following a ransomware attack. In what is being called the worst cyberattack on critical US infrastructure in history, Colonial Pipeline shut down their 5,500 miles of pipeline to contain the breach. The Georgia based company transports more than 100 million gallons of fuel per day including gasoline, diesel, jet fuel, and home heating oil. Oil analysts say the shutdown could affect gas prices if it goes on for more than a few days. The immediate concern is the supply of jet fuel to large airports like Atlanta and Charlotte. Colonial Pipeline moves 45% of the fuel from the Gulf Coast of Texas to customers in the southern and eastern United States.

The attack has been confirmed by the FBI to originate from a group of cybercriminals known as DarkSide. They are a new and particularly cruel criminal gang who admit to targeting hospitals, schools, universities, nonprofit organizations, and government infrastructure. The group reportedly stole and encrypted 100 gigabytes of data from Colonial Pipeline they are threatening to leak if the ransom is not paid.

Eric Goldstein, executive assistant director of the cybersecurity division at CISA said, “This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”

These high profile attacks continue to keep IT security in the news and at the forefront of business owners’ minds. The SolarWinds breach was an illustration of the capability and scope of a nation state attack. At the same time we see ransomware attacks on small businesses or city governments who often don’t have the budget for IT infrastructure. Ransomware payments peaked in Q3 of last year with an average payout of over $225,000 per incident. Criminals understand many small businesses don’t have the resources to defend against these attacks and have no choice but to pay the ransom.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright