It all came down to one compromised password.
When a hacking group named DarkSide launched a cyberattack against Colonial Pipeline in spring 2021, the gas company paid a $4.4 million ransom to bring its fuel distribution operations back online.
Authorities eventually recovered some of the company’s ransom money, but Colonial Pipeline faced further attention in August when it was discovered the attack also compromised the information of some 6,000 employees and their families.
Just take a second now to absorb the fact that all of this occurred because of one lackluster password - in the Colonial Pipeline case, a password on a virtual network that had previously allowed employees to remotely access the company network.
Theron McChesney, business intelligence, research and analytics supervisor with SDN Communications, says these major attacks grab all the headlines, but the reality is all companies - large and small - are at risk. McChesney outlines the latest trends and risks seen in South Dakota in the SDN Communications’ “Cyber Threat Landscape” report.
The network security report, released every six months by SDN, examines trends in cybersecurity, mined from SDN’s Managed DDoS Protection service service and SDN Managed Firewall service.
SDN’s cyber protection services show a steady increase in attacks over the past four years, from 1,008 in 2017 to 6,035 in the first half of 2021.
“In the first half of 2021, we’re seeing an average of 34 DDoS attacks per day. Those are high alerts that we believe to be legit attacks aimed at our customers,” McChesney says.
Now for the good news - “The vast majority of the attacks (within SDN companies) are very short in duration. We’re talking the average is 10 minutes,” he says.
The number of attacks is also trending down heading into the second half of 2021. This is compared to 2020, which ran high at around 50 a day, likely due to more people working remotely.
But while some of the numbers may be down, still others continue to climb, raising justifiable alarms for companies. This is not the time to relax, the consequences are simply too high, McChesney says. (Remember, $4.4 million!)
So, what should companies take away from the report?
Companies need thorough protection services and firewalls, actively managed and carefully monitored. Cyber protection cannot be added and forgotten.
McChesney says companies also need to ensure all employees are trained in cybersecurity threats - remember, the Colonial Pipeline breach came down to one bad password.
“You have to plan and train,” he says. “You just have to tell your employees what to do and what not to do, making sure they understand what kind of schemes are out there so they can recognize those opportunities … like when the Nigerian prince says they’ll give them a bunch of money if you click on this link.
“It’s not rocket science but it’s stuff we do have to practice regularly.”
Visit the Cyber Threat Landscape Report Archive for full access to all of our reports.