On Friday, May 7th, the United States’ Colonial Pipeline was forced to shut down operations in the wake of a ransomware attack, according to the New York Times. This pipeline is crucial to the continuous supply of gasoline, diesel, and jet fuel to the eastern United States – the company has stated that they’re responsible for 45% of the East Coast’s supply of fuel. They went on to name ransomware as the culprit in this attack.
According to Bloomberg, the cybercriminal group DarkSide are suspected to have conducted the attack. This is particularly noteworthy as DarkSide is independent, without known ties to any government. Previously, attacks on critical infrastructure were typically the work of state actors, but now independently organized groups of threat actors have begun creating attacks designed to cash in on vulnerabilities in critical infrastructure industrial control systems (ICS). Ransomware attacks such as this one, specifically designed to exploit critical infrastructure, are expanding like wildfire as threat groups improve their methods and tools, and the only way to stop them is with improved cybersecurity.
In all cyber threat situations, an ounce of prevention is worth a pound of cure. TXOne Networks has responded to this wave of rapidly increasing cyber risk with technologies that repel both previously-seen “known” attacks and newly-launched “unknown attacks”. StellarProtect secures modern systems with ICS root of trust and machine learning, while StellarEnforce locks down legacy systems with a streamlined trust list that restricts privileges to listed applications, users, and devices. By the time an attack happens, it’s already too late to deploy solutions – encourage cyber awareness in your team and secure your ICS with industry-friendly solutions to keep the operation running.