As pretty much everyone knows by now, Colonial Pipeline, one of the US’ largest pipelines carrying 2.5 million barrels per day (45% of the East Coast’s diesel, gas and jet fuel supply) and spanning from Texas to New Jersey, was forced to proactively shut down on Friday, May 7, due to a cyber attack.
The FBI issued a statement confirming that DarkSide, a well-known cyber-criminal gang, was responsible for the attack. The BBC states that many cyber-security researchers have speculated that the cyber-criminal gang could be Russian, as their software avoids encrypting any computer systems where the language is set as Russian.
It’s a storyline that’s become all too familiar, where ransomware is to blame for cutting a business off at the knees, leaving casualties in its wake far and wide. And while it can be overwhelming trying to combat these onslaughts of attack, it’s a good reminder to stop and assess your current security hygiene…
Are you doing what you can to keep your organization safe?
To effectively protect against cyber threats, you need solutions that:
- Stop threats at the edge.
- Control who gets on your network.
- Simplify network segmentation.
- Protect users wherever they are.
- Find and contain problems fast.
But where does one even start? At OneNeck, our security experts believe that a solid place to start with any security strategy is with established security frameworks, such as the CIS Critical Security Controls.
These Controls represent the collective thinking of IT experts across multiple industries and can be used as a guide to assess for good cyber hygiene and provide a prioritized set of actions to be used to addresses security vulnerabilities. These practical actions, which combine technical security and risk management, can help mitigate the most common attacks against systems and networks and reduce corporate risk. Collectively, they can help you take a defense-in-depth approach to building your security program.
So, don’t wait until it’s too late to address the security gaps that can be exploited by bad actors. As OneNeck CISO, Katie McCullough, says… “To avoid becoming a ransomware victim, businesses should take actions that include putting security processes in place to ensure your IT environment is fully protected. It can be a journey, but you don’t have to go it alone.”
If you’re interested in talking with one of our security experts, we’re here to help.
Learn more from OneNeck’s CISO about the Anatomy of Ransomware in this informative blog.