Colonial Pipeline, one of the largest fuel pipelines in the U.S., remains largely paralyzed after a ransomware cyberattack that took place over the weekend forced the temporary shutdown of operations. The company shut down approximately 5,500 miles of pipeline, leading to a disruption of nearly half of the nation’s East Coast fuel supply.
The attack made national headlines and spurred an emergency declaration from the White House, which lifted regulations on select U.S. drivers, allowing them to drive between fuel distributors and local gas stations with more overtime hours and less sleep than federal restrictions normally allow.
The incident highlights the rising threat of ransomware and the ongoing targeting of the nation’s aging critical infrastructure.
We heard from cybersecurity experts on what this latest large-scale ransomware attack means for the industry and how we should respond as a cybersecurity community and nation.
Matt Trushinski, Technical Director, Arctic Wolf
"Ransomware-as-a-Service is big business and we are not surprised groups like DarkSide are capitalizing on extortion techniques that are quickly becoming a hallmark for many eCrime actors. The hallmark of DarkSide attacks, among other eCrime groups, is that they do extensive research on their targets and are mainly interested in large corporations. This creates a sense of urgency, especially as we see critical infrastructure suffering kinetic impact. This situation illustrates a growing security crisis. It’s imperative that if prevention fails, there is a world-class security operations infrastructure in place to detect, manage, and mitigate any threat."
Nick Cappi, Cyber Vice President, Portfolio Strategy and Enablement at Hexagon
"While all the details of the attack are yet to be made public, it appears that this is a ransomware attack that landed on the IT network. In an abundance of caution, Colonial shut down some or all of th