Lessons Learned from an Oil Pipeline Ransomware Attack | Y-Not Tech Services – Lethbridge, AB IT Support

by

Lessons Learned from an Oil Pipeline Ransomware Attack | Y-Not Tech Services - Lethbridge, AB IT Support

Lessons Learned from an Oil Pipeline Ransomware Attack

Your business may not be supplying oil to the United States, and you may not even be in the critical infrastructure business, but don’t think that means ransomware can’t happen to you, too. This article shares lessons learned from a headline-grabbing event, and they’re applicable to businesses of all sizes in all industries.

First, what happened? The May 2021 ransomware attack crippled a 5500-mile gasoline pipeline. The Colonial Pipeline serves up nearly half of the gasoline used by the East Coast of the United States. The attack, thought to be the largest ever on US oil infrastructure, encrypted almost 100 gigabytes of data. Russian hacker group DarkSide took the systems hostage, demanding an undisclosed ransom. The pipeline was offline for days, and the disruption plagued the country for weeks.

The lesson learned? Businesses cannot underestimate the importance of being proactive about preventing cybercriminal attacks. The Colonial Pipeline attack originated in Russia and attacked the US, but the motive was financial. The majority of cyberattacks come down to money. That means your business could be at risk, too.

Lesson #1: Educate employees

Avoid falling victim to a devastating ransomware attack by educating employees about cybersecurity. Train your employees to recognize phishing emails and other scams, teach them about the importance of strong passwords, help them understand the potential dangers of using unsecured wireless networks or unencrypted devices, and prevent their downloading unsanctioned apps onto work computers.

Lesson #2: Use firewalls and email filtering

Configure firewalls to protect your network and block access from malicious IP addresses. Geo-fencing can reduce traffic from foreign actors in known cybercrime hubs.

Additionally, set up advanced spam filters. These help identify and stop phishing emails before they even get to your employees.

Lesson #3: Limit access

You’re thinking you’re doing that already with firewalls and filtering, but this refers to limiting access for the people who work for you. Configure credentials so that employees can access only what’s needed to do their job. Limiting administrative access makes it more difficult for bad actors to do damage.

Also, limit permissions to reduce access. One employee may need to read certain files but have no need to edit them. Configure the file and directory access accordingly.

Lesson #4: Monitor and patch

Even if you’re not online at all hours of the day, you should be monitoring IT 24/7. Set up alerts to identify any suspicious activity. You want to know as soon as possible if there is a vulnerability so your business can limit its exposure.

Also, patch: don’t ignore update notifications from your software providers or operating system manufacturers. Every piece of technology in your office could be an entry point for a bad actor. Cybercriminals are always finding new modes of attack and vulnerabilities. You have to be vigilant and keep your systems updated to cut your risk.

Lesson #5: Have a backup plan

If cybercriminals take your system hostage, you don’t want to have to pay a ransom. It’s costly, and you can’t guarantee you’ll get a functional system back. You will still suffer downtime and damaged reputation from the attack.

Having several system backups, tested regularly for accuracy, helps protect you from catastrophe. We recommend a 3-2-1 approach. That’s three separate copies of the backup on two different storage types, and at least one of them should be off-site.

Customize your backup plan around the specific needs of your business. One company might be fine backing up daily, whereas another may suffer if it loses even a few hours of data.

Cybersecurity doesn’t have to be complicated

Ransomware attacks are expensive and time-consuming. Partner with a managed service provider to keep an eye on your systems. Our IT experts can configure protection, track activity, and provide backup solutions. Take preventative action to protect your business against ransomware and other cyberattacks. Work with professionals to install a layered IT security strategy today. Book an appointment today:

 

Book an Appointment

Testimonials

  • Prompt and Professional service on my compromised computer. Owner is very personable and I am delighted with the end result. Read More
    Kel H
  • Tony did a great job on setting up my wife's new computer after we had spent $150.00 for a so called professional to set it up. The so called professional stated that the computer was all set to plug and go....Far from it. Thanks Tony for helping us out with with this frustrating matter. You... Read More
    Dennis v
  • Tony is honest and responsive Read More
    Leah B
  • Y-Not Tech services has helped us with all our Tech needs that we've needed so far, and responds very quickly. Appreciate the fact that problems are explained to us, and properly fixed. Read More
    Buffalohead Vet
    Taber
  • Tony has always been very professional . He has helped in many ways to make our computer experience excellent. His response is very timely and explains the computer lingo in a way that all can understand. Thank you Tony Read More
    Jacalyn W
    South Lethbridge
  • A+ services. Friendly and informative. Wouldn't go anywhere else. Read More
    Tyrell C
  • Tony is super helpful. I'm confident that my computers are protected! Read More
    CE
  • Very satisfied with the service I received! Read More
    RC
  • It is an absolute pleasure to work with Tony at Y-Not Tech Services. He is always helpful and knowledgeable and reliable. We are so thankful to have His expertise and care. Read More
    Bernice N
    West Lethbridge
  • Great personality and quick to respond. Very happy with the service I have received from Tony. He is very knowledgeable and it is great knowing he will work on site or do remote connection to fix problems. As someone who works from home it really reduces the stress level when I am having a problem... Read More
    Cam M
    North Lethbridge
Y-Not Tech Services
Serving Lethbridge, Alberta and surrounding areas
Phone: 403-915-8574
Email: tony@ynottechservices.com
Hours
Monday–Friday: 9:00 AM – 5:00 PM (by appointment only)
Saturday–Sunday: Closed

FOLLOW US

Book an Appointment with us!

Book an Appointment

Services

Computer Repair     Laptop Repair     Tune-Up     Virus Removal