“Cyberattacks are a real and present danger to critical infrastructure around the world and, by extension, every single consumer. If reports are accurate, the Colonial Pipeline incident has all of the markings of a possible ransomware attack that began in the IT environment and, out of precaution, forced the operator to shut down operations.
“Ransomware has been a favoured attack vector of cybercriminals because of its effectiveness and return-on-investment. That’s precisely why bad actors have recently set their sights on critical infrastructure. Shutting down operational technology (OT) environments can cost hundreds of millions of dollars which forces providers to outweigh the costs.
“We should not underestimate these groups. Many of them now have help desks, technical support, payroll processing and subcontractors. They are essentially full-fledged criminal corporations operating in the digital world. While it’s unknown how this attack played out, it’s yet another reminder of the increasing threats to critical infrastructure we all rely on.” — Marty Edwards, VP of OT Security at Tenable and longest-serving director of ICS-CERT.