A major US oil pipeline, Colonial Pipeline, was shut down last week by a ransomware attack on the company that controls it. Colonial Pipeline said the attack forced it to halt systems for its 5,500 miles of pipeline, which runs from Texas to New Jersey.

This was one of the U.S.’s largest pipelines, and the effects of its shutdown reverberated across the country, resulting in inflated costs for gas, airline tickets, heating, and energy, along with other financial hits and inconveniences. The hackers who claimed responsibility for the attack, known as “DarkSide,” are an underground criminal hacking group believed to be operating within Russian borders. They are unaffiliated with any political or government organization and state that their goals are purely financial.

Ransomware is a Constant Threat

Ransomware attacks have grown more commonplace and are now the most favored tool among hacking collectives. Ransomware works differently from traditional malware like viruses, spyware, or worms. Its goal is not destruction; instead, the attackers look to exploit companies by encrypting the victim’s data and holding it hostage.

For a fee, the criminal hackers agree to release your files back to you and not to destroy them or release them to the public. This form of attack is hitting companies both large and small across the globe. In the case of the pipeline attack, it was severe enough to stop business in its tracks, and Colonial Pipeline suffered greatly, as did the many who depend on the pipeline, which runs across the Northeast part of the country all the way down to Texas. Thus, this ransomware attack was very successful for the hackers who infiltrated the company, causing enough of a disruption to make the headlines and showing the company to be a valuable target.

Recently, a ransomware attack targeted a cybersecurity firm called FireEye, which affected thousands of businesses and organizations that worked with the SolarWinds tools. Prior to that was the infamous Sony Pictures hack, which saw the leaking of private data, movie scripts, and personal information, and the loss of millions of dollars’ worth of data.

The FBI has reiterated that companies of all sizes should harden their IT and educate their staff to help keep future ransomware attacks from succeeding. Several high-profile ransomware attacks have occurred in just the past several years, and such attacks will only continue and grow.

Securing Your IT Infrastructure

IT security has become extremely valuable to companies and organizations of all sizes. One of the best practices to build into a business’s policies is educating your team about what to look out for when checking their email or mobile phones and when browsing the web, as well as about methods of preventing ransomware from ever touching your devices.

Ransomware has several ways of infecting a computer and spreading to other devices on your network. Most commonly, a user unknowingly allows the infection onto their computer because the email carrying it is disguised as coming from an internal employee, the boss, or a known vendor, or contains appealing links. This can occur through fake emails, called phishing attacks, or when a user visits an infected website and clicks an ad or link that then infects their computer.

When it comes to phishing attacks, it’s important to recognize some tell-tale signs that an email could be infected.  If the email is requesting that you click on a link, you can always hover your mouse over the link to reveal where it’s actually going.  If the URL is a long string of letters and numbers that don’t make sense, it’s likely a fake website trying to collect your data or infect your computer.

You should also check the message headers of any suspicious emails to verify the person sending the email is who they say they are. Misspellings, odd punctuation, and a manufactured sense of urgency are all red flags that you and your team should be aware of when dealing with email. If the message seems untrustworthy, you should report it as spam, inform your system admin, and move on.

Anti-virus and education can only get you so far. Companies that take their IT security seriously team up with the experts at a managed IT security company like Natural Networks so they are worry-free and can focus on growing their business. If you’re interested in learning more about managed IT security, give us a call today!