From IT Systems to the Human Firewall: Lessons from the Colonial Pipeline Attack

This guest blog was contributed by Sai Venkataraman, CEO, SecurityAdvisor.


Last month’s attack on Colonial Pipeline was certainly not the first ransomware attack ever launched on an organization, though it will no doubt go down in history as one of the most impactful. When one of the largest pipeline operators in the United States was forced to shut down its systems in an effort to contain the threat, all pipeline operations halted. Days after the attack, the operator’s main lines were still offline, prompting the federal government to issue an emergency declaration which caused gas price hikes and supply shortage concerns across vast swathes of the East Coast.


Beyond the havoc wreaked on its operations, Colonial also paid $4.4 million in ransom to unlock its systems – proving that the real-world consequences of a successful ransomware attack can be devastating.


Unfortunately, these attacks are not limited to America’s critical infrastructure. They are also cheap, easy to execute, and lucrative, meaning cybercriminals will continue to launch them against targets ranging from data-rich retailers, banks, and insurers to essential service providers like hospitals, transportation operators, and food companies. In fact, the United States experienced 65,000 ransomware attacks last year, which equates to over seven per hour.


While ransomware attacks will never disappear, there are plenty of measures organizations can take to secure their IT systems and fortify their workforce, ultimately helping to prevent closures of operations and costly ransom payouts. These include:


  • Ensure all remote desktop connections are secure. Over the course of the pandemic, many workers used personal modems and routers to work from home. While remote access makes it easy for employees to connect in remote and hybrid work environments, these systems are also inherently vulnerable. Desktops that are inadequately secured make easy targets for cybercriminals looking to intercept communication – and are gateways for ransomware.

  • Create unique, complex, and rotating passwords. Passwords are the front line of defense in protecting sensitive data. With the right credentials, cybercriminals gain the administrative access needed to anonymously move around an organization’s network. By cre