You have certainly heard about the Colonial Pipeline Ransomware Attack in the news. Reporters are predicting as much as a week of downtime before the system is running normally. Most are referencing DarkSide and pointing an accusatory finger to Russia. What we know is that the attack has forced the privately-held Colonial Pipeline to halt operations and retain a cybersecurity firm to assist in the remediation of the malware.
Colonial Pipeline itself has been described as the jugular of the United States gas supply and transports an estimated 45% of the fuel used on the East Coast. DarkSide is a Russia-based Ransomware-as-a-Service (RaaS) provider that sells malware on a subscription basis and even has a help desk to assist its customers in attacking your systems. Only a month after the Department of Justice launched a Ransomware Task Force, the country has now been hit with one of the worst attacks to date in terms of service interruption.
A Teachable Moment
We all need to consider the possibility of a ransomware attack. Even with security measures in place, in the case of a zero-day attack - in which the attacking software is unknown to the security industry - you may always be at risk. In many cases, the ransomware software is delivered as an e-mail attachment that is effectively downloaded and executed by an employee. This is successful in part because there is then some potential to subvert your security software. This makes common sense policies critical; we must all stop and ask for help before clicking suspicious attachments or any external links...including those from trusted sources.
The question then becomes, are you prepared for such an attack? Another important point here; are your critical systems backed up to multiple locations on a regular basis? We may be able to infer the answer for Colonial. If you do have multi-level security, onsite and offsite data backups, how long would it take to recover your critical systems and resume your business? Hours, days...weeks? We can help you answer that question and improve your security and recovery posture.
In our continuing cybersecurity efforts and as part of a end-to-end overhaul and modernization of our systems, we have formed new partnerships in network security, website security and disaster recovery that will allow us to recover your critical systems faster than ever thought possible. In addition to Bitdefender and Sonicwall, we will be making other exciting announcements soon!
WinTech has been the Winchester, Virginia area's leading IT provider since 2001. Would you like more frequent tech news, scam alerts, and new product info? Check back here and Follow us on Facebook!
Need consulting services? Call 540-722-2122 now or e-mail us at info@wintech.us
