In early 2021 the Colonial Pipeline Company, the largest system of pipelines for oil products in the US, paid out over 4 million USD in ransom following a cyber attack. This means that hackers gained access to the company’s computerized controls over the pipeline and requested that the company pay the ransom in order to regain control over the lines. The culprit has yet to be identified, although the group DarkSide seems to be the guilty party. However, besides bringing the group to justice, there is another aspect of this situation that must be addressed. That is the fact that this was the largest cyber attack on an infrastructure in the US.
This attack has highlighted the argument that security protocols and regulations are no longer able to protect businesses, and oneself. The progress of the situation has escalated so far that now if one has their data breached and controlled, they must now pay ransom. Ransomware is becoming increasingly prevalent in private versus public relations as these hacker groups seek to rectify the imbalance between the wealthy and the poor. Although the authorities have recovered approximately $2 million, there are still questions to be asked.
What can we do to prevent this from happening again?
How do we stop this once we recognize it?
Why is this happening now?
In short, this is a game of shadows. One cannot be aware that they are under attack until it is right at their feet. Of course there are dedicated preventative measures in place, but once someone gets into your system, there is very little to besides begin to calculate the damage that it will create.
To answer the ‘why’, again there is no clear answer. It is an amalgamation of many aspects. The advancements of technology, crumbling infrastructures following the global pandemic, and unfortunate lack of knowledge regarding this issue.
The US in specific has been plagued with a multitude of recent cyber attacks. The rise in cyber warfare tactics has been prevalent in elections and now it is infiltrating the energy sector. While there is not a financial concern regarding whether or not the company could pay it, the concern laid in the fact that hacker groups thousands of miles away took control of a fundamental source of energy in the US.
Following this attack, hacker groups around the world now know that the US energy sector is not equipped to handle an attack at that level. This has the potential to lead to even higher ransom pays or worse. Everyday there are more and more businesses that are faced with ransomware, some are not as fortunate as Colonial Pipeline and cannot afford to pay their ransom. For these companies, they are forced to give in and relinquish all assets to the hackers. This is a troubling reality as our world becomes increasingly digital.
With ransomware attacks moving from being a criminal matter to evolving into a threat to national security, there must be an acknowledgement of the danger that this threat poses. With most of these organizations being based out of Eastern Europe or Russia, they do not face any charges so long as they do not attack within their own borders. Therefore it is up to the US to seek justice, but how is one supposed to seek justice if they cannot understand the matter that they are dealing with?
US leaders have said that they are working on ‘offensive measures’ but will we be prepared for the next time? Should there even be a ‘next time’ at all?