The Damaging Nature of Cyberattacks and Ransomware
Cybersecurity is vital to critical industries that handle vast amounts of data such as energy, transportation, telecommunications, financial services, energy production and transmission, and chemical and manufacturing industries.
Yesterday the US government issued emergency legislation after the largest fuel pipeline in the US was hit by a ransomware cyber-attack. The Colonial Pipeline carries 2.5 million barrels a day, transporting about 45% of all fuel consumed on the East Coast.
This new relaxes rules on fuel being transported by road and means drivers in 18 states can work extra or more flexible hours when transporting gasoline, diesel, jet fuel, and other refined petroleum products.
“Quickly after learning of the attack, Colonial proactively took certain systems offline to contain the threat. These actions temporarily halted all pipeline operations and affected some of our IT systems, which we are actively in the process of restoring.”
“The Colonial Pipeline operations team is developing a system restart plan. While our mainlines (Lines 1, 2, 3 and 4) remain offline, some smaller lateral lines between terminals and delivery points are now operational. We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations.”
John Vestberg, co-founder and CEO of Clavister commented on the situation: “The DarkSide ransomware attack on the Colonial Pipeline highlights the increasing risk cyber criminals pose to critical national infrastructure (CNI). CNI, such as oil and gas, is a prime target for these ransomware gangs – systems are underpinned by a myriad of complex information and operational technology devices and so the consequences if these are infiltrated can be devastating. Attacks on CNI risk become the norm if action is not taken.”
Implications of cyber attacks
Successful cyber attacks can cause major damage to businesses and the impact of a security breach can be divided into three categories: financial, reputational, and legal.
The economic cost of cyber attacks
Cyber attacks often result in a substantial financial loss from things such as:
- Theft of corporate information
- Theft of financial information (e.g bank details or payment card details)
- Disruption to trading
Businesses that suffer a cyber breach will also normally have to cover costs associated with repairing affected systems, networks, and devices.
Trust is an essential element of the customer relationship. Cyber attacks can damage your business's reputation and the trust your customers have for you, which could potentially lead to:
- Loss of customers
- Loss of sales
- Reduction in profits
The effect of reputational damage can even impact your suppliers, or affect relationships you may have with investors and other third parties.
Legal consequences of a cyber breach
Data protection and privacy laws require you to manage the security of all personal data you hold, whether that be your staff or your customers. If this data is accidentally or deliberately compromised, and you have failed to deploy appropriate security measures, you may face fines and regulatory sanctions.
How to mitigate cybersecurity risk
Protecting your company against cyber attacks is extremely important and the National Cyber Security Centre outlines some efficient ways to reduce your organisations exposure to common types of cyber attacks on systems exposed to the internet.
- Boundary firewalls and internet gateways — establish network perimeter defences, particularly web proxy, web filtering, content checking, and firewall policies to detect and block executable downloads, block access to known malicious domains and prevent users’ computers from communicating directly with the Internet
- Malware protection — establish and maintain malware defences to detect and respond to known attack code
- Patch management — patch known vulnerabilities with the latest version of the software, to prevent attacks that exploit software bugs
- Whitelisting and execution control — prevent unknown software from being able to run or install itself, including AutoRun on USB and CD drives
- Secure configuration — restrict the functionality of every device, operating system and application to the minimum needed for business to function
- Password policy — ensure that an appropriate password policy is in place and followed
- User access control — include limiting normal users’ execution permissions and enforcing the principle of least privilege
Cybersecurity's importance is on the rise and with technology developing constantly there is no sign that this trend will slow. A key step in the right direction to protecting information is ensuring your company has the right protection and procedures in place in case of an attack.
IT Employees Predict 90% Increase in Cloud Security Spending
As companies get back on their feet post-pandemic, they’re going all-in on cloud applications. In a recent report by Devo Technology titled “Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits”, 81% of the 500 IT and security team members surveyed said that COVID accelerated their cloud timelines. More than half of the top-performing businesses reported gains in visibility. In fact, the cloud now outnumbers on-premise solutions at a 3:1 ratio.
But the benefits are accompanied by significant cybersecurity risks, as cloud infrastructure is more complex than legacy systems. Let’s dive in.
Why Are Cloud Platforms Taking Over?
According to Forrester, the public cloud infrastructure market could grow 28% over the next year, up to US$113.1bn. Companies shifting to remote work and decentralised workplaces find it easy to store and access information, especially as networks start to share more and more supply chain and enterprise information—think risk mitigation platforms and ESG ratings.
Here’s the catch: when you shift to the cloud, you choose a more complex system, which often requires cloud-native platforms for network security. In other words, you can’t stop halfway. ‘Only cloud-native platforms can keep up with [the cloud’s] speed and complexity” and ultimately increase visibility and control’, said Douglas Murray, CEO at cloud security provider Valtix.
Here’s a quick list of the top cloud security companies, as ranked by Software Testing Help:
What are the Security Issues?
Here’s the bad news. According to Accenture, less than 40% of companies have achieved the full value they expected on their cloud investments. All-in greater complexity has forced companies to spend more to hire skilled tech workers, analyse security data, and manage new cybersecurity threats.
The two main issues are (1) a lack of familiarity with cloud systems and (2) challenges with shifting legacy security systems to new platforms. Out of the 500 IT employees from Devo Technology’s cloud report, for example, 80% said they’d sorted 40% more security data, suffered from a lack of cloud security training, and experienced a 60% increase in cybersecurity threats.
How Will Companies React?
They certainly won’t stop investing in cloud platforms. Out of the 500 enterprise-level companies that Devo Technology talked to throughout North America and Western Europe, 90% anticipated a jump in cloud security spending in 2021. They’ll throw money at automating security processes and investing in security upskilling programmes.
After all, company executives will find it incredibly difficult to stick with legacy systems when some cloud-centred companies have found success. Since moving from Security Information and Event Management (SIEM) offerings to the cloud, Accenture has saved up to 70% on its processes; recently, the company announced that it would invest US$3bn to help its clients ‘realise the cloud’s business value, speed, cost, talent, and innovation benefits’.
The company stated: ‘Security is often seen as the biggest inhibitor to a cloud-first journey—but in reality, it can be its greatest accelerator’.