News popped early yesterday detailing the largest infrastructure hack in United States history, shutting down one of the largest pipeline companies with ransomware. With details still emerging, it is unclear when services will be back online. With Colonial's pipeline infrastructure spanning all of the way from Texas to New Jersey, this will cause massive disruptions, price distortions and other consequences.
We're certainly not picking on Colonial here. Everyone is at risk, they just happened to be the victim. This particular attack was carried out by a criminal organization known as DarkSide, who label themselves as a "ransomware-as-a-service." Yes, you can now hire criminals to place ransomware for you.
One particular quote stuck out to me from the linked piece:
One problem, said Marty Edwards, Vice president of operational technology for Tenable, a cybersecurity firm, and a former senior DHS cyber official, is that there’s no down time for energy technology, and that makes it difficult to update software to protect against hacks.
“You can’t take the pipeline down every Patch Tuesday,” he said, referring to a routine day each month — the second Tuesday — when companies install cybersecurity updates to their systems.
Mr. Edwards is of course correct. You can't simply take down the energy infrastructure, which in turn makes them endlessly vulnerable to attack.
This means Intrusion's Shield solution is the ideal layer of defense for the energy infrastructure in the United States. This plug-and-kill solution takes just minutes to deploy. It is the ONLY solution on the market that completely stopped the SolarWinds breach last fall.
If some of the largest, most sophisticated companies in the world are vulnerable to attack, are you absolutely certain your company is not? If an honest and open reflection leaves you doubtful, please reach out to us and ask how YouAre | Secure can assist.