Ransomware Hits the Entire East Coast

The fuel giant Colonial Pipeline was hacked on Friday by ransomware cybercriminals, impacting everyone on the East Coast. From rising fuel prices and lines at the pump to the specter of a widespread gas shortage and inflation, the United States is in a severe bind. Why? Ransomware.

Sophisticated Russian hackers calling themselves the DarkSide made off with almost 100 gigabytes of data, declared the data hostage, and threatened to leak it onto the internet. The ransomware incident underscores the risk that ransomware can pose to critical national infrastructure and every business and government agency. (It may also impact you since you may not be able to buy gas this weekend if you live on the East Coast.)

The bad news is that this will only get worse, because DarkSide is a malware operator that runs a Ransomware-as-a-Service network — meaning that other cybercriminals can pay to use its tooling to access a victim’s network. Those affiliates then encrypt and exfiltrate data, threatening to expose the data if a ransom is not paid. According to the U.S. Cybersecurity and Infrastructure Security Agency, “Groups leveraging DarkSide have recently been targeting organizations across various…sectors, including manufacturing, legal, insurance, healthcare and energy.”

Ransomware and the Most Vulnerable Industries List

On the list of industries most vulnerable to hacking and ransomware, energy enterprises like the Colonial Pipeline are at the top. The Colonial Pipeline is the U.S.’s most extensive pipeline system for refined oil products. At 5,500 miles long, it carries more than 100 million gallons of gasoline, diesel, jet fuel, and heating oil daily between Texas and New York. That’s roughly 45 percent of the fuel consumed on the East Coast.

Perhaps your organization is smaller than the Colonial Pipeline. So what then? Just keep in mind that even if you are working for a smaller business, as long as it’s in one of the following industries, you are also at the top of that “most vulnerable” list:

  • Services (legal, insurance, etc.)
  • Health care
  • Manufacturing
  • Government
  • Higher education

Is ransomware a credible threat to your organization? You bet! And if you are a small- to medium-sized business, you are especially vulnerable. Over the last year alone, the news has been filled with stories of malicious attacks that have sabotaged unwitting businesses and government agencies, costing those organizations considerable time and money and damaging their reputation. Just over $300,000 is the average amount paid out by ransomware victims. That’s why there’s no time like the present to protect yourself.

Wouldn’t identifying gaps in your business’s network security – before a bad actor hacks you – make sense? It should. That’s precisely why your organization’s overall security posture should include routine network penetration testing.

How Pen Testing Can Help

Plain and simple, running regular “pen tests” against the network gives you visibility into the real-world threats that may impact your network security, exercises any vulnerabilities found, and provides steps for remediation. Routine pen tests let you safely test your systems’ resistance to external hacking attempts by simulating the actions of an actual intruder who might try to exploit vulnerabilities caused by operational weaknesses, outdated security policies, insecure settings, bad passwords, code mistakes, software bugs, service configuration errors and more.

Here are four reasons why your organization would benefit from routine network pen testing, which could also help prevent ransomware:

No. 1: Reduce Exposure, Remediation Costs, Hassle and Network Downtime

The average cost of a data breach in 2020 was $3.86 million, according to the Ponemon Institute. While the report showed a 1.5 percent decrease in costs from 2019, it still showed a 10 percent rise over the previous five years. So if you are hit by ransomware, you must also deal with the added costs and hassle that follow, whether or not you pay the ransom. These may include legal fees, regulatory fines, remediation fees, a tarnished brand, a sullied reputation, customer protection programs, lost sales and opportunities due to bad publicity, and customer churn. Substantial follow-on investments will be required, such as advanced security measures and customer protection programs. And downtime? Getting all systems back up and running smoothly can take considerable time. A routine pen test proactively probes the areas of greatest weakness in your IT systems and flags them for remediation – before a hacker finds them. This proactive reduction of overall exposure protects your business from dramatic financial and reputational loss and potentially devastating downtime.

No. 2: Prioritize Risks and Build a Killer Defense Posture

Wouldn’t you like the whole picture of your network security health? By proactively conducting regular pen tests, your organization can evaluate its web application security and its internal and external network security in full, prioritize the associated risks, and understand the level of security required to protect your data, people, and assets from future bad actors who would cost you time and money and cause collateral damage. Anticipating the risks, fixing vulnerabilities on the spot, and implementing remediation strategies will enable your organization to build up highly effective defense mechanisms.

No. 3: Achieve Security Maturity

What’s the difference between a routine penetration test and a real-life hack? The former is conducted in a safe and controlled manner and is meant to inform the steps you take toward security maturity. It simulates an attack by finding vulnerabilities and then using them to infiltrate your systems. Repeating this process regularly drives security maturity. Why? Because you continually use the visibility it creates to develop a comprehensive data security plan. Moving your security program forward in a way that not only manages risk better but also creates additional value for your organization may be a competitive advantage in your industry. Continuing to mature the security posture of your network environment demonstrates to your customers, shareholders, and other stakeholders that you strive for optimum security and data protection, focusing on continuous improvement and enhancing your ability to respond quickly to opportunities and threats.

No. 4: Comply With Industry Regulations and Standards

Pen tests can help you satisfy the myriad compliance and security requirements that are part of nearly every industry. Non-compliance typically carries heavy fines. If you take credit card payments, you need PCI compliance. HIPAA compliance pertains mainly to the healthcare industry, and FISMA and ISO 27001 are further standards that specific organizations must meet. By performing routine pen tests, you not only avoid non-compliance but also demonstrate due diligence and your commitment to information security and network health.

What Are You Waiting For?

So, are you undergoing routine penetration testing? If not, why not? Your first step should be to find a certified penetration testing professional or team. A professional can advise you about which type of pen test would benefit your organization.

The AISN cybersecurity team can get you started with a pen test, explaining the steps and answering your questions. We can also advise you on the minimum frequency of pen tests required for your industry and IT infrastructure. Typically, we provide a detailed remediation plan following the testing process. This helps you understand the necessary procedures and investments you’ll need to put in place to build a more secure environment within your organization. For more information on how to get started, contact us today.