Once again, due to suspected IoT vulnerabilities and exploitation, there has been another catastrophic cyberattack on an important piece of utility and energy infrastructure. As many know due to the widespread news coverage and impact on fuel prices, on Friday May 7, Colonial Pipeline, a privately-held company and one of the largest pipeline operators in the United States, reported that it had been the latest victim of a large-scale ransomware cyberattack.
May 26 Webinar: https://www.sightline.com/may-cybersecurity-webinar-vulnerabilities-you-never-knew-were-there/
Attack Facts:
Target: Colonial Pipeline
Industry: Oil & Gas, Critical Infrastructure
Date: 05/07/2021
Type of Attack: Ransomware
Demand: Demand of at least $4.4m bitcoin, confirmed by Colonial to have been paid
Suspected Perpetrator: DarkSide, a ransomware as a service (RaaS) criminal organization based in Russia Eastern Europe with suspected nation state ties, as well as a network of criminal co-conspirator affiliates
Method of Attack: Reported targeting of employes and extortion/purchase of user credentials
Unchecked access throughout the network and of IT & OT systems
Anti-detection mechanisms reportedly used, including script self-encryption
Immediate Impact:
Colonial CEO has confirmed a payment of $4.4m Bitcoin ransomware payment
Company forced to shut down all of its 5,500 miles of pipeline for multiple days
Took over 6 days for operations to fully resume
Has impacted already soaring gas & fuel prices around the country
These types of events can be avoided and the impact minimized. The introduction of “zero trust” networks and micro-segmentation helps to reduce the attack footprint within an environment. Sightline Systems and Unisys Corporation have introduced SIAS, combining their two state of the art solutions into one, they are providing manufacturers with easy to use yet powerful security to better protect their environments. “SIAS brings zero trust, cloaking, encryption and micro segmentation to network management in an easy-to-use package.” says Brandon Witte, CEO Sightline Systems. “Leveraging SIAS helps organizations reduce their attack footprint, which minimizes the scope and impact of attack exploitations such as this one” says Brandon.
“At the end of the day, you can’t attack what you can’t see.”
–Brandon Witte, CEO of Sightline Systems
For republication in full, additional coverage, or interview requests please contact:
Lily Maley
Chief Marketing Officer, Sightline Systems
301-778-8339
[email protected]
SOURCE Sightline Systems Corp