What We Can Learn from the Colonial Pipeline Ransomware Outbreak
The closure of one of the US' largest pipelines due to ransomware on Friday, May 7, serves as the latest reminder of the real-world consequences of a successful cyberattack. When ransomware linked to the DarkSide ransomware-as-a-service (RaaS) threat group struck Colonial Pipeline’s networks, likely via a phishing email, the company was forced to halt operations and freeze IT systems after over 100GB of corporate data was stolen in just two hours.
If anything highlights the severity of the modern email risk that all businesses face and the need for adaptive supplementary email security defenses, this is it. As cyberthreats continue to evolve, this is highly unlikely to be the last time we witness the widespread disruption and devastation that a ransomware attack can cause.
Overview on Ransomware Attack?
Ransomware is a type of malware designed to block access to a computer system until a sum of money in the form of untraceable Bitcoin is paid. It does this by encrypting a victim’s files until they have made the payment demanded by the attacker.
Ransomware can be delivered via multiple vectors, the majority of which utilize email. In a double extortion scheme, the attackers pilfer the data and threaten to publish it.
On Wednesday, The Washington Post reported that Colonial wasn't planning on paying a ransom to the hackers. Instead, it was working with a cybersecurity firm to restore data from backup systems, the paper reported, citing people who were familiar with the situation.
Learn why ransomware is a threat to your business and measures you can take now to safeguard your users, key assets and hard-earned reputation.