After the Colonial Pipeline hack, all organizations must strengthen cyber defenses

Storage tanks at a Colonial Pipeline Inc. facility in Avenel, New Jersey on Wednesday, May 12, 2021.

The recent ransomware attack on Colonial Pipeline was an all-too-familiar story for businesses in the United States.

The pipeline, which supplies fuel to around 50 million people from the Gulf Coast to the entire East Coast, was closed last Friday as a precautionary measure after a ransomware attack. The company and the US government are continuing to investigate the extent of the impact.

In the past few months, ransomware attacks have hit businesses of all sizes and hospitals in New York, Nebraska, Oregon, and Michigan, among others. Police and sheriff offices, schools, and local governments, from Atlanta to Baltimore to Fisher County, Texas, have suffered a similar fate.

A recent report from the Ransomware Task Force, a group of 60 cybersecurity experts from industry and government, highlights both the alarming increase in the frequency of these attacks and the size of the ransoms demanded.

It is estimated that $350 million in ransom was paid to attackers in 2020 – an increase of more than 300 percent from the previous year – with an average payment of over $300,000.

According to a 2021 report, most of the industrial casualties in 2020 were in manufacturing, professional and legal services, and construction. Healthcare, manufacturing, and education companies saw significant increases. Attacks on industries like aerospace also seem to be increasing.

Organizations affected by ransomware are often faced with a very difficult decision: either pay a ransom and fuel a criminal market, or refuse to pay and hope that their computer systems can be restored.

If companies decide to pay the ransom to get back up and running quickly, the price can bring their business to the brink of bankruptcy. In addition, there is no guarantee that their systems will be restored.

In short, businesses in every sector and size need to take this threat seriously and take steps today to protect themselves. By the time you face an attack, it will be too late to take proactive action.

Organizations can also lose access to their protected information, including intellectual property, customer and employee data, and suffer reputational costs.

Protecting the American people and businesses from ransomware must be a top priority as a nation. We can no longer look the other way and simply treat ransomware as a nuisance. This latest attack should serve as a reminder to organizations across the country to step up their cyber defenses and stay one step ahead of future threats.

Like most cyber attacks, ransomware exploits the weakest link. Small businesses are particularly at risk as many of them are financially vulnerable and lack the resources to install cybersecurity software, ensure constant technology monitoring, provide staff training, and hire full-time information technology professionals.

It’s no surprise that small businesses make up half to three-quarters of all ransomware victims. And when these companies become targets, it can have devastating and lasting effects, forcing some to permanently close their doors.

The good news is that you don’t have to do it alone and there are affordable solutions for every budget. That’s why the departments of Homeland Security and Commerce are working together to help businesses prevent and respond to ransomware attacks.

A few simple but important steps can go a long way in protecting against this category of malicious cyber activity. Our two departments strive to work with companies and their CEOs.

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is well positioned to help organizations take preventative measures to increase resilience before an attack occurs.

CISA recently launched its “Reduce Your Risk of Ransomware” campaign of free public guidance and resources to help companies prepare for these attacks and assess the strength of their cyber posture.

Practical guide

The CISA website also links to the practical guidance from the Department of Commerce’s National Institute of Standards and Technology (NIST), which draws on its in-depth economic and technical expertise. The National Cyber Investigative Joint Task Force has also provided guidance on how to respond to a ransomware attack.

Improving basic cybersecurity hygiene to prevent ransomware is important, but it is only part of the solution. The Biden-Harris Administration coordinates a strategy across government to increase resilience, disrupt and investigate ransomware networks, and bring perpetrators to justice.

However, the federal government cannot fight ransomware on its own. Prevention, disruption and law enforcement require cooperation at all levels of government and in the private sector – both domestically and internationally.

Our departments will continue to advocate a comprehensive approach to combating ransomware to keep our communities safe. The demands of malicious ransomware attacks require nothing less.

In the coming weeks, we will be stepping up our departments’ relationships with the private sector and exploring new initiatives to support businesses, healthcare systems and local governments. These public-private partnerships will continue to protect our businesses, our economy, and our national security.

Alejandro N. Mayorkas is the US Secretary of Homeland Security and Gina M. Raimondo is the US Secretary of Commerce.