For years the government has prepared for a cyberattack on a power grid or gas pipeline in the United States. Still, the recent attack on the Colonial Pipeline came as a surprise since it was not a terror group.
The New York Times reported that it was a “…criminal extortion ring. The goal was not to disrupt the economy by taking a pipeline offline but to hold corporate data for ransom.”
The Colonial Pipeline controls nearly half of the East Coast’s gasoline, jet fuel, and diesel. So, motorists panicked as gas stations were out of gas and closed. It was essential to turn off The Pipeline as the malware that infected back-office functions would make it difficult to bill for fuel delivered along the pipeline. Moreover, it could possibly spread into the pipeline’s operating system.
The consequences following the attack are still playing out. However, it proved how important it is to have backup systems for critical infrastructure throughout the government and private industries.
In this case, the pipeline’s operations were not totally isolated from the data systems held hostage by DarkSide, a ransomware gang believed to be from Russia. So, the company had to decide to turn off the pipeline. It then led to panic buying at the pumps, shut down of gas stations, and fear throughout the government.
The Energy and Homeland Security Departments said the country could only afford another 3-5 days with the pipeline shut down before mass transit had to limit operations. After that, chemical factories and refinery operations would have had to shut down.
A lesson learned
While the effects of the hack are ongoing, it was a hard lesson to learn. While Colonial might have thought they had impermeable data protection, the attack proved otherwise. It cost nearly $5 million in digital currency later to recover the data. They’ve learned the hard way what to do to prevent another attack.
How you can prevent a cyberattack
Our best defense for helping clients prevent cyberattacks is to always make sure data is securely destroyed, whether it’s stored on SSDs, hard drives or other locations. Many businesses think it’s safe enough to destroy data in house, but there are several reasons a professional company or specifically designed destroyer are needed to be sure the data is never recoverable.
SSDs and HDDs differ in lifespan, reliability, performance and how they need to be destroyed, but we offer several products that can destroy, degauss and sanitize (some all in one).
Interested in learning more about how to securely destroy your data and protect it from cyberattacks?
Contact us today!