Special Alert: Colonial Pipeline attack
This past weekends’ ransomware attack on the Colonial Pipeline highlighted three things:
The US Critical Infrastructure (CI) continues to be a major target for hackers looking to exploit weaknesses in supply chains of all kinds.
Our adversaries are ramping up the severity of these attacks as they obviously could foresee the knock-on an attack on the pipeline would have.
In the US, the private sector owns roughly 85% of CI. For that reason, we have to have a much stronger coordination and perhaps even tighter regulations (and the manpower to enforce them) around public/private partnership so that we can ensure that economic drivers are not outweighing safety and security. Companies hate the R word (regulation) but when a company is first and foremost beholden to its shareholders and stock performance, there is a natural potential conflict that has to be considered.
Companies that have industrial control systems (ICS) such as SCADA are generally creating larger attack surfaces every day because they are adding “smarter” sensors and IoT devices that improve performance. The challenge is finding the right balance without jeopardizing safety as a first priority.
Although, this attack did not appear to have the goal of physical damage and bodily injury, we should take the threat very seriously. We should push hard for improvement in the sharing of threat information between the government and the private companies who can only build strong defenses if they know what the offensive playbook might look like.
To learn more about our vendor and supply chain solution, check out this video or visit the VendorGuard Page