In early May, the sudden demand for gas along the East Coast revealed more about our nation’s cybersecurity than its supply of gas. On May 7, the Colonial Pipeline halted operations after discovering a ransomware attack on their company’s information technology systems. This type of attack gives anonymity to the attackers as they seize important corporate data while demanding a ransom. 

What to Know About the Pipeline Hack

What Happened in the Pipeline Hack?

 Once Colonial realized that their corporate computer systems were under malware attack, they shut down operations as a precaution to avoid the hackers attacking the pipeline itself. Shortly after, consumers began panic buying gas, causing gas stations in the Southeast to run out of fuel. Colonial paid the $4.4 million ransom. While this may have fixed the short-term problem, many wonder if this may invite more malware attacks. The lesson to be learned: preventative measures must be taken to avoid these kinds of attacks.

Now Is the Time to Invest in Cybersecurity

The pipeline incident put a public spotlight on the ransomware threat. While discussion regarding the pipeline hack will likely fade out from public conversation soon, companies recognize the importance of what it means for their future. The government and private industry must both prevent and handle cyberattacks when they occur. Rapid backup systems must be developed for the moments when critical infrastructure goes down.

The cyberattack early this month reveals vulnerabilities in our nation’s energy infrastructure. America’s pipelines, electric grids, and power plants are vulnerable to cyberattacks. Companies in the healthcare and energy industries should take this incident as a warning. The need to modernize infrastructure, invest in cybersecurity, and harden assets is apparent.

Five bi-partisan cybersecurity bills were recently submitted in the House to address recent events of cyberattack, including H.R. 3138, The “State and Local Cybersecurity Improvement Act” and H.R. 3243, The “Pipeline Security Act.” The Colonial Pipeline ransomware attack has also changed the RaaS (Ransomware as a Service) landscape. Some RaaS groups have been forced to change the rules of their organizations to no longer attack government, healthcare, educational, and charity organizations. Cybercrime forums such as XSS and Exploit have banned ransomware ads due to the recent backlash. Despite these changes, ransomware attacks will continue to pose a threat to companies across the world simply because the money is too good.

So, What Does This Mean for Middle Tennessee?

Ransomware is a threat that companies will continue to face every day. 43% of security breaches affect SMBs, and on average, small companies lose over $100,000 per ransomware incident.[1] In Middle Tennessee, SMBs need to protect their data from many different kinds of attacks, paying close attention to:

• Cloud security- Many companies opt for cloud solutions, but this poses a risk for data exposure.

• Evolving ransomware- Attacks similar to the pipeline hack are not exclusive to large corporations and will continue to be a threat to small and medium sized businesses.

• Cyberattacks via social media- Cybercriminals can damage a company’s reputation via botnet social media accounts, stealing personal details from potential customers.

Employees’ lack of awareness of the dangers of possible cyberattack can be a threat to a company. Educating employees on the various kinds of attacks, from malicious links to ransomware, is an imperative first step to protecting a company’s infrastructure.

Learn how to encrypt your email or avoid a phishing scheme on our blog.

Steps You Can Take to Protect Your Business

At a minimum, it is imperative that your organization’s network and IT systems are proactively managed--not just supported--by qualified IT professionals who understand the evolving threat landscape. Without consistent monitoring and active maintenance, it is just too easy for cybercriminals to gain a foothold.

Beyond that, it’s now time to start considering advanced threat detection tools. There are good guys in this fight as well, and tools are coming online at price points amenable to small and mid-sized businesses that can make a huge difference in whether a cyberattack succeeds or fails. 

Above all, when developing a business’ IT strategy, cyber security must be a priority. Outsourced IT consultants will have experience in handling unfamiliar varieties of security breaches. Here at Affinity Technology Partners, we focus on developing ever evolving, faster, and more efficient ways to deal with any cyber threats and security issues that inevitably pop up for any business. 

Since 2002, Affinity has been a go-to for IT solutions and managed IT services for businesses of all sizes in Nashville, Tennessee and beyond. Please give us a call if we can help answer any of your questions. After working with dozens of companies, we would advise you- if you are unsure that you and your company are safe, you should ask and verify!