Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Netskope applauds the White House’s Executive Order on Improving the Nation’s Cybersecurity, especially the rigor with which short-term deadlines and some clear-cut plans of action are described. DarkSide ransomware and the attack on the Colonial Pipeline is just one recent example of events that have disrupted national critical infrastructure and put the privacy and safety of millions of individuals at risk.

Ransomware has been a thorn in the side of cybersecurity teams for the past several years. As other security threats have come and gone, this insidious threat has been a constant challenge for every organization. This past year has proven to be especially profitable for ransomware operators, as major organizations like United Health Services, Orange and Acer have fallen victim to these attacks.

On Thursday, May 6, Colonial Pipeline, which operates a pipeline that delivers gasoline and jet fuel to nearly 45 percent of the U.S. East Coast, fell victim to a ransomware attack. The attack took over 100 gigabytes of data hostage, causing the company to halt all pipeline operations and shut down several of its systems. The attackers, identified as a criminal gang known as DarkSide, threatened to leak proprietary information unless a ransom is paid.

Over the weekend, the Alpharetta-based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to prevent further exposure. Colonial Pipeline is responsible for 45% of the gasoline, diesel fuel and natural gas transported from Texas to New Jersey.

Attack vectors are defined as the means or paths by which hackers gain access to computers remotely with malicious intentions such as delivering payloads or carrying out other harmful activities. Some common ones are malware, social engineering, phishing and remote exploits.

The US Defense Department and third-party military contractors are being advised to strengthen the security of their operational technology (OT) in the wake of security breaches, such as the SolarWinds supply chain attack.

In our recent webinar, Netacea’s Head of Threat Research, Matthew Gracey-McMinn, and Enterprise Sales Manager for Travel and Tourism, Graeme Harvey, were joined by Director of Spike Digital, Duncan Colman, to delve into the top bots and cybersecurity threats set to target the travel industry in 2021.