Lessons Learned from the Colonial Oil Pipeline
May 6, 2021 will be a day that goes down in history. This is the day the Colonial Oil Pipeline went down, causing a nationwide disruption. Even though the pipeline only services a portion of the east coast, the effects of the shutdown were felt across the country: gas prices skyrocketed, lines at gas stations were so long it took hours to get through, and gas stations were pumped dry as people bought gas and put it in whatever container they could gather just to assure themselves they would have enough to get through the closure.
If you think about it, this type of ripple effect is not confined to energy and utility providers. While the scale of the effect would not be at the level of the pipeline, the devastation it could leave in its wake for your business and your customers is just as likely.
What’s the big deal?
To start, part of what rocked many in the cybersecurity industry is that no one is immune to an attack, no matter the size of your business or the expertise of your cyber-professional staff. These malicious hackers are so well funded (some even by their government, as was the case with Colonial) and so highly skilled that defending against them is like playing whack-a-mole, even with all the cybersecurity best practices. As soon as you patch a hole, they find another and the game begins again. So the problem is deeper than just improving cybersecurity. However, there are things you can do that can reduce the risk of falling victim to a cyber attack.
- Effective Password Management – initial surveys are suggesting that one of the biggest problems with Colonial Oil’s cybersecurity was inadequate passwords. Cypress Data Defense lists some of the biggest password mistakes that open your network to increased risk: weak passwords, using the same password across multiple sites, and password recovery systems with generic authentication questions (e.g., birthday, pet’s name, etc.). Some ways to counteract potential password problems are to enforce strong passwords, set up two-factor authentication, encrypt system passwords and install stronger authentication rules for lost passwords.
- Outdated Software – another problem found for Colonial Oil was that an outdated version of Microsoft Exchange was still in service, creating an opportunity for unknown users to access the network. In early March, Microsoft announced four vulnerabilities in Exchange Server, which syncs email and calendar functions. This “gap” allowed hackers to gain access to users’ email accounts and install malicious code on the organizations’ servers. While Microsoft reacted quickly and developed patches for the gap, it’s clear that Colonial Oil did not update theirs in time. This is why updating software is so important and needs to be done proactively and frequently. One of the best ways to counteract this risk is to set a schedule for routine software updates, which minimizes the disruption to your employees while helping you maintain effective security for your network.
- Lack of Cyber Education for Employees – Phishing attacks have increased by 11 times since 2016, according to the FBI, and nearly doubled from 2019 to 2020. 96% of phishing attacks are delivered via e-mail and 74% of attempts in the US are successful, highlighting the significant need for thorough, effective staff cybersecurity education.
The Challenge Remains…
Cybercriminals are increasingly industrialized and well-funded – meaning they have resources well above what the average business could manage. As a result, they are able to evolve rapidly and strategically, and cyber defense has been unable to evolve as quickly. While there is no fool-proof cyber protection, following the general best practices can put you in the right direction to significantly reduce your cyber-risk.
How to prevent cyberattacks
Even with such significant growth in the rate of cyberattacks, all hope is not lost. TechRepublic recently compiled a list of 10 things you can do to help prevent your business from being a victim of ransomware. While speaking specifically to ransomware, the same principles can be applied to malware and other hacking protocols. These are taken directly from TechRepublic and include:
- Keep clear inventories of all of your digital assets and their locations, so cybercriminals do not attack a system you are unaware of.
- Keep all software up to date, including operating systems and applications.
- Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
- Back up all information to a secure, offsite location.
- Segment your network: Don’t place all data on one file share accessed by everyone in the company.
- Train staff on cybersecurity practices, emphasizing not opening attachments or links from unknown sources.
- Develop a communication strategy to inform employees if a virus reaches the company network.
- Before an attack happens, work with your board to determine if your company will plan to pay a ransom or launch an investigation.
- Perform a threat analysis in communication with vendors to go over the cybersecurity throughout the lifecycle of a particular device or application.
- Instruct information security teams to perform penetration testing to find any vulnerabilities.
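The inventory, patching and update-schedule advice above can be checked mechanically on a recurring basis. The following Python script is an added example, not code from ComNET Solutions or TechRepublic; the hostnames, product names, version numbers and the 30-day update window are constructed placeholders.

```python
from datetime import date

# Constructed sample data: hostnames, products and version numbers are
# placeholders, not real patch levels for any vendor product.
INVENTORY = [
    {"host": "mail01", "product": "mailserver", "version": "15.2.721",
     "last_patched": date(2021, 1, 12)},
    {"host": "web01", "product": "webserver", "version": "2.4.48",
     "last_patched": date(2021, 4, 28)},
    {"host": "fs01", "product": "fileserver", "version": "4.13.2",
     "last_patched": date(2020, 11, 3)},
]
# Minimum acceptable version per product (assumed policy baseline).
BASELINE = {"mailserver": "15.2.858", "webserver": "2.4.46", "fileserver": "4.13.2"}
# Hosts observed on the network, e.g. from a discovery scan (constructed).
OBSERVED_HOSTS = {"mail01", "web01", "fs01", "printer-lobby"}


def parse_version(text):
    """Turn '15.2.858' into (15, 2, 858) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))


def audit(inventory, baseline, observed, today, max_patch_age_days=30):
    """Return a sorted list of (host, finding) tuples for the three checks."""
    findings = []
    known = {asset["host"] for asset in inventory}
    # 1. Devices on the network that nobody has inventoried.
    for host in observed - known:
        findings.append((host, "not in inventory"))
    for asset in inventory:
        minimum = baseline.get(asset["product"])
        # 2. Installed version older than the patched baseline.
        if minimum is None:
            findings.append((asset["host"], "no baseline defined"))
        elif parse_version(asset["version"]) < parse_version(minimum):
            findings.append((asset["host"], f"below baseline {minimum}"))
        # 3. Asset missed the routine update window.
        age = (today - asset["last_patched"]).days
        if age > max_patch_age_days:
            findings.append((asset["host"], f"last patched {age} days ago"))
    return sorted(findings)


if __name__ == "__main__":
    for host, finding in audit(INVENTORY, BASELINE, OBSERVED_HOSTS, date(2021, 5, 6)):
        print(f"{host}: {finding}")
```

Comparing versions as integer tuples matters: a plain string comparison would rank "15.2.9" above "15.2.10" and hide an outdated system.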
Schedule a Security Audit Today
While brilliant minds are being used to harm, others are being used to protect those same businesses. ComNET Solutions has over 20 years of experience in securing and managing networks just like yours, and we can help you develop a plan to keep your business safe from these malicious sources. Give us a shout today at 619 840-7490 or ComNET.MSP@gmail.com and be proactive in your cyber defense.
“School’s out for summer
School’s out forever
School’s ancient history
No more pencils
No more school books
No more teacher’s dirty looks, oh!”
Those of us with children have been hearing this song on repeat as we wrapped up yet another strange year of school. Yet there is hope on the horizon. We know these last 18 months or so have been a wild ride, and we hope that you are starting to see the light at the end of this very long tunnel. As business gets back to pre-pandemic levels, now it is even more imperative that you have appropriate cyber-security protocols in place to protect your business assets that have been so hard-won over this last year. Did you know we offer a free security audit? We’d love to do a health check on your security protocols and make sure you are as protected as you can be as we all get back to normal. Give our office a call at <insert phone number> and schedule yours today. It won’t cost you anything to check…but it could cost you a bundle if you don’t.
Hope to talk to you soon!
Michael Marquardt
ComNET Solutions