Earlier this year, the largest U.S. fuel pipeline was cyber-attacked causing a prolonged shutdown and a Federal state of emergency! This is one of many such occurrences of cyberwarfare on businesses and government organizations around the world. In this BlogBytes we will look more closely at cyberattacks and outline what you can do to help protect your organization against this ever present and costly threat.
According to a recent article, Colonial Pipeline was attacked by ransomware which forced the company to stop its operations which span 5,500 miles of pipeline. Per the article:
“Colonial’s pipelines transport approximately 45% of all fuel consumed on the [U.S.] East Coast. Federal authorities and law enforcement [were] contacted about the attack, according to Colonial.”
FBI FACT SHEET
The attack on the pipeline is certainly not an isolated case. An FBI fact sheet describes a number of attacks that have occurred including how the computer system at a U.S. County was attacked and infected by the Ryuk ransomware virus.
“The attackers demanded over $1.2 million in Bitcoin for a decryption key. Officials decided to rebuild their systems rather than pay the ransom and spent $1 million in new equipment and technical assistance. A user allegedly opened a malicious link or attachment which caused the infection.”
WHAT IS RANSOMWARE?
According to the definition provided by the FBI,
“Ransomware is a type of malicious software, or malware that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.”
In a recent state of ransomware report, 51% of the organizations were hit by ransomware attacks in 2020. Twice as many of the attacked organizations got their data back via backups versus organizations that paid the ransom. Which leads this discussion to ask – What should we do to protect our organization, our reputation, our customers?
If it’s more a matter of ‘when’, rather than ‘if’ your organization will be the victim of a cyberattack, it makes sense to be proactive in planning your defenses. There are a number of steps that you can take to prepare and prevent an attack. The FBI published a list of must do protective actions including:
- Backup your data, system images and configurations, test your backups and keep the backups offline.
- Utilize multi-factor authentication
- Keep operating systems, software, and applications current and up to date.
- Make sure anti-virus and anti-malware solutions are set to automatically update and run regular scans.
- Create a continuity or incident response plan in case your business or organization is the victim of a ransomware attack.
In addition, it’s important to educate employees on how to safely handle suspicious email and website links. Also, you should investigate and examine how attackers got access to your systems or could get access to your systems. In other words, plug the leaks in the systems pipes so they don’t leak anymore.
AIR GAP NOW!
As noted earlier in this BlogBytes, most organizations that were attacked in 2020 retrieved their data and regained their operations via data backups. The FBI points out that the backups should be secured offline. That is, they should not be connected to computers or networks. This is known as “air gapping.” It means creating an offline, detached copy of critical data that is not connected, thereby, preventing access by malicious cyber software. When an LTO tape cartridge is removed from the tape drive it is inherently air-gapped helping to prevent cyber sabotage.
Don’t wait — get ready and protect your data at your home location and in the cloud — Air gap it with LTO tape technology. See vital information about tapes compelling benefits against ransomware in this short video.