The recent ransomware attack on Colonial Pipeline has highlighted the increasing threat of cybersecurity attacks on businesses and infrastructure. The pipeline that was forced to shut is the equivalent of a major artery that feeds the fuel-hungry East Coast of the United States.
The pipeline system, which runs from Texas to New Jersey, supplies nearly half of the East Coast’s fuel requirements. Apart from crucial gasoline, the system also supplies heating fuel, jet fuel, and military supplies.
The attack was carried out by a group known as DarkSide. This group infiltrated the company’s servers and encrypted its data. Once the data was encrypted, DarkSide demanded a ransom to restore it. They also stole a copy of the data. In all likelihood, this is to further blackmail the company by threatening to publicly release the data unless a further ransom was paid.
Cybersecurity experts have called the attack the biggest known cyberattack on U.S. infrastructure.
Attacks like this have become a global blight, affecting banks, universities, health systems, and a host of other sectors. According to one cybersecurity firm, last year there were 2,400 recorded attacks in the U.S. But the problem runs much deeper than this. Many victims won’t report the attacks due to the loss of public confidence such admittance causes.
Part of the problem is the “bolting on” of new IT systems on top of existing legacy systems. This creates vulnerabilities that cybercriminals can exploit. Amongst the industries that are most vulnerable to this type of attack are:
Healthcare
The healthcare sector is amongst the most vulnerable to this type of attack. Experts believe that across the USA there is at least one security breach a day. This has so far resulted in an estimated 27 million patient records being sold on the “darknet.”
The problem is that the majority of healthcare organizations are left vulnerable because they aren’t capable of warding off the attacks. This sector is one where there is still much reliance on legacy software and hardware. Many are still reliant on older, less-secure, and unpatched operating systems.
Recent studies have disclosed that 80% of U.S. physicians have experienced at least one cyberattack.
Energy Industry
As demonstrated by the Colonial Pipeline attack, experts have always pointed out this sector as being especially vulnerable to cyberattacks. They are also high-value targets to cybercriminals. By gaining control of these systems hackers can cause chaos. Power outages and fuel shortages are the obvious threats. These can undermine critical infrastructure and endanger the lives of millions.
Of course, one of the main worries in this sector is if a nuclear facility was hacked, the ramifications here could be devastating.
Companies that have suffered breaches
The problem is getting worse and recent breaches have included two that saw a total of 3.5 billion people having their data stolen. The biggest of these was Yahoo!, this one attack impacted over 3 billion users and 500 million users had their email addresses, full names, date of birth, and telephone numbers stolen.
Whilst this is the largest other companies that have had their security breached includes: –
• Marriot International – 500 Million affected customers
• LinkedIn – Twice once in 2012 and once in 2016 totaling 165 million user accounts
• Heartland Payment Systems – Over 130 million credit cards exposed
• eBay – 145 million affected users
• Adult Friend Finder – 412 million accounts affected
This is just the tip of the network, the fact that companies are unwilling to go public about this can be demonstrated by the reluctance of Yahoo! to admit to the breach. The breach took place in 2014, yet Yahoo! didn’t make a public admission until 2016.
What is certain is that the latest attack on Colonial Pipeline and attacks like the ones detailed are going to happen again, and although having your email address and password stolen is individually disastrous, what is even more worrying is the power that such hackers have is now such that they can bring an entire economy to a grinding halt.
Leave a Reply
You must be logged in to post a comment.