Security News > 2021 > May > How to prevent another Colonial Pipeline ransomware attack

The ransomware attack against Colonial Pipeline represents a relatively new and destructive type of threat against critical infrastructure.

The attack against Colonial Pipeline is hardly the first one against critical infrastructure.

"If you think about water treatment plants, power grids, rail systems, power plants-they all utilize the technologies that we see in Colonial Pipeline, meaning there could be latent cyberattacks waiting on other infrastructure that supports other parts of the U.S.," Bridges said.

"In many ways, oil and gas is self-regulated. The pandemic caused budgets to be slashed, and often IT and infosecurity are seen as 'non-essential' by the business units that fund them. Considering that oil and gas companies-including pipeline companies-are not nearly as regulated as other critical infrastructure, it wouldn't be surprising if the federal government takes a closer look at this part of our energy industry."

Zix's Troy Gill said he believes that the FBI and other government agencies stepping in to help with the Colonial Pipeline attack is a critical measure, similar to the way the FBI stepped in to remove Microsoft Exchange web shells to protect organizations.

"Until the operators of public water systems, energy pipelines, nuclear power plants, bridges, tunnels, airports and other key infrastructure elements get serious about thorough and tough-minded IT asset management, we are going to see more and more ransomware attacks like the one on Colonial Pipeline."

News URL

https://www.techrepublic.com/article/how-to-prevent-another-colonial-pipeline-ransomware-attack/#ftag=RSS56d97e7