First-Hand Evidence of the Dangers of Ransomware: The Colonial Pipeline Story

If you live on the East coast, you most likely had some early pandemic flashbacks recently; stories of a gas shortage threw people into a gas-buying frenzy (indeed making that gas shortage narrative a true one). Social media was filled with photos of people in pickup trucks filling barrels with gasoline and videos of motorists physically fighting each other over gas.

Half of the country was thrown into chaos. The culprit? A ransomware attack on the Colonial Pipeline.

What is a Ransomware Attack?

We blog frequently about ransomware, but for good reason. Ransomware is malicious software that blocks access to a computer system or files unless a sum of money is paid.

Ransomware turns the power of encryption against you.  Encryption should protect your data and files, but ransomware uses it to take files captive. This means being locked out of your important files – or losing access to control of the largest oil pipeline system in the country.

The goal of these attacks isn’t personal – and it could happen to anyone. According to the BBC, a cyber-criminal gang known as DarkSide publicly acknowledged that they took the fuel pipeline offline. “Our goal is to make money and not creating [SIC] problems for society,” DarkSide wrote on its website. Attackers don’t care who you are – they just want a payday.

And they got it from Colonial, in the form of a $4.4 million dollar ransom payment.

For a fraction of the price of an attack, or the amount spent in reconstructing data, Crestwood Associates can move your data and backups to the cloud. The Microsoft Recovery Services Vault was designed with these sorts of attacks in mind.

How to Eliminate the Risk

In case you’re not eager to fork over millions to recover from an attack, it is imperative that you have a solid cybersecurity strategy. Too often, companies take security for granted, but it’s a mistake they usually only make once.

For a fraction of the price of an attack, or the amount spent in reconstructing data, Crestwood Associates can move your data and backups to the cloud. The Recovery Services Vault was designed with these sorts of attacks in mind.

First, backups are not accessible to the machine that was backed up.  So, if your machine gets compromised, the attackers cannot get to your backups.  Think of it like the old days when we did tape backups and moved them offsite.

Second, if your entire Azure tenant gets compromised, you can only submit a request to delete a backup.  There are extra verification steps taken to get to your backups.

Third, Recovery Services Vault is geo-redundant, so there are at least six copies of your backups in different locations at all times.

The Colonial Pipeline is back online, and the East Coast is slowly returning to normalcy. A quick chat with our team can ensure that your company isn’t next. Contact us today!