The Colonial Pipeline ransomware attack is probably probably the most an important worst cyberattacks to have happened this decade. A hacker staff known as DarkSide stole with regards to 100GB of data from the Colonial Pipeline servers previous than locking them down and vital a ransom. Colonial Pipeline, with the assistance of FBI, paid spherical 5 million bucks to get better its strategies.
And it didn’t prevent there.
The decryption software supplied by the use of the hacker staff was once as soon as so slow that Colonial Pipeline had to use its non-public backups to get its strategies once more online. It worth Colonial Pipeline a lot more than the ransom, nearly unquestionably tens of tens of hundreds of thousands of bucks, to restore its strategies completely.
So, what is Colonial Pipeline and the way in which did this all get began?
What is Colonial Pipeline?
Colonial Pipeline operates a very powerful gasoline pipeline device in the us.
Its services and products extend over 5,500 miles stretching from Texas to New Jersey.
It transports spherical 100 million gallons of gasoline in step with day in conjunction with gasoline, diesel, and heating oil.
Seven airports get their jet gasoline immediately from Colonial Pipeline.
With reference to 45% of USA’s east coast in conjunction with New York, Washington D.C., Florida, Georgia, and the Carolinas get their gasoline from Colonial Pipeline.
How did the ransomware attack happen?
One leaked password.
Certain, you be told that right kind. The attack vector was once as soon as a single leaked password to an vigorous VPN account that was once as soon as not in use. Since multi-factor authentication was once as soon as not enforced, the hackers most straightforward sought after the username and the breached password to infiltrate Colonial Pipeline’s group.
Following the ransomware attack, Colonial Pipeline took its strategies offline to include the chance. This, in turn, resulted in panic-buying, shortages, and the most efficient conceivable spike in gasoline prices since 2014.
FBI- and CISA-recommended the best way to prevent ransomware attacks
Native apparatus and same old approaches to cybersecurity are actually now not sufficient to fight the large-scale, delicate attacks waged by the use of cyberattackers. In our webinar, FBI and CISA ideas to prevent ransomware attacks, our product experts will cover:
The timeline of the attack.
How the attackers got into Colonial Pipeline’s group.
The FBI and CISA’s ideas to prevent ransomware attacks.
Tips about find out how to enforce the ones ideas all over your IT environment.
Too busy? Take a look at whatsoever and we’ll proportion a recording of the webinar in an effort to watch when it’s at hand.
ADSelfService Plus is an integrated self-service password keep an eye on and multi-factor authentication solution with power-packed choices to protected your corporate from credential-based cyberattacks and prevent malware attacks. Need to uncover our software? Schedule a free demo with our product experts.
You are able to moreover take a look at ADSelfService Plus to your self with an distinctive, free, 30-day trial.
The publish The Colonial Pipeline hack uncovered: FBI- and CISA-recommended security features appeared first on ManageEngine Blog.
*** This can be a Protection Bloggers Group syndicated blog from ManageEngine Blog authored by the use of Sharon Raj. Be informed the original publish at: https://blogs.manageengine.com/corporate/elementary/2021/10/20/the-colonial-pipeline-hack-uncovered-fbi-and-cisa-recommended-security-measures.html