On May 14, I commented on how the Colonial Pipeline ransomware attack had driven a far-reaching Presidential Executive Order to harden American civilian and government sites against the increasing intensity and frequency of cyber attacks. This is a brief recap:

Colonial Pipeline (capitalization is estimated at $8B) operates a 5,500-mile gas and petroleum pipeline stretching from Texas to New Jersey in the United States, supplying 45% of the East Coast's fuel consumption. On May 7, 2021, Colonial Pipeline was hit with a massive ransomware attack resulting in a shutdown of operations. Although the specifics of how this ransomware attack occurred are not yet available, similar attacks were traced back to unpatched vulnerabilities, compromised user credentials, or a simple phishing email.

This massive shutdown impacted millions of Americans who relied on this pipeline for fuel. A long shutdown could have resulted in major gas shortages, further damaging the reputation of Colonial Pipeline. Colonial stated they've previously spent 200 million dollars on IT, proving it takes more than just technology to prevent an attack. Colonial Pipeline chose to pay $4.4M in Bitcoin to cease the attack. However, this attack was seen around the world as signaling to other cybercriminals the value in targeting similar industries and that more victims are willing to pay the ransom.

This incident put millions of small businesses at risk of similar attacks. Ransomware is not "that" kid in the basement causing mischief. Ransomware is an industry that is evolving with new tools and new "campaigns" to steal your business. But these "black hats" don't have to win. There are three tiers of effort every small business should invest in continuously: Basic Protection (AV, firewalls, security policies, MFA, password management), bullet-proof Backups (offsite, multiple backups per day, self-locking), and User Training (frequent training on new attack methods, attack simulations, an employee security "report card" as a condition of employment). Once these are accomplished, Basic Protection can be extended to Advanced Protection as deemed appropriate or affordable for each small business. You can't depend on "black hats" to honor ransom payments or to not sell "your breach" information to others, resulting in new attacks on you.

The Executive Order on Improving the Nation's Cybersecurity will be forced on small businesses as we move into 2H2021 and beyond. Call HAWKi Solutions Group to assess your small business exposures and build the affordable protection you need for your business. You may not be capitalized for $8B, but you can't afford to pay $4.4M. HAWKi can deliver security affordably.