Colonial Pipeline Cyber Attack: What You Should Know

Located in Alpharetta, Georgia, Colonial Pipeline delivers almost half of the fuel consumed on America’s East Coast. Last week, it was hit with a cyber attack, halting some operations and raising fears about economic damage and spikes in fuel prices. Although pipeline officials have stated that the outage of their services are proactive and temporary, the attack also calls into question the security of other crucial services in the country and around the world. This attack is not the first to happen, or even the first this year, nor will it be the last. Here’s what you should know about the Colonial Pipeline cyber attack:

• What kind of attack was it?
• Who did it?
• What are the effects of the attack?
• Can Colonial Pipeline fix the problem?
• How can this be avoided in the future?

 What Kind of Attack Was It?

The Colonial Pipeline cyber attack took the form of a “ransomware” attack. Essentially, a hacker tricks a user into clicking a link or downloading a program that contains a virus. When installed, the program is able to take over a computer’s systems and lock the owner out. To regain access, the user must pay a fee…but there’s no guarantee that the hacker behind the program will follow through and restore access once given the money. In addition, many ransomware programs also gather data from the device they’ve taken over. Hackers often sell this data or further exploit the victim with it.

Who Did It?

Unfortunately, it’s notoriously difficult to pin a cyber attack to a particular person or group. Often, they must claim the blame publicly in a bid for attention. However, there are a number of known groups who regularly conduct cybercrimes. In the case of the Colonial Pipeline cyber attack, the FBI has formally accused newcomer group DarkSide in the attack. The group, which is likely based in Eastern Europe, is believed to have launched the attack simply to extort Colonial Pipeline. Nevertheless, the FBI has issued an alert to companies similar to the pipeline, asking for vigilance towards similar attacks with even more insidious purposes.

What Are the Effects of the Attack?

As we already mentioned, it appears this attack was simply designed for extortion. The group behind the ransomware wanted money from Colonial Pipeline. That being said, the effects of the attack run deeper than that. As a result of the ransomware, Colonial Pipeline was forced to shut down much of their operations. Because ransomware notoriously digs through computers for valuable data, and may even leave traces behind for future attacks, it forced the pipeline to shut down their devices and scan them for deeper vulnerabilities. 

Can Colonial Pipeline Fix the Problem?

Although a few factors are at play when it comes to recovering from ransomware, the effects of these attacks can be mitigated and overcome. It’s just a matter of time. In the case of the Colonial Pipeline cyber attack, the factors impacting how long before service can be fully restored mostly come down to how deeply the ransomware affected the pipeline’s computers. They have to scour every inch of their network for traces of the hackers’ code. Once discovered, they must then find a way of removing the code, which can prove difficult.

Ultimately, the pipeline estimates full service restoration by the end of the week.

How Can This be Avoided in the Future?

Hackers are clever and tricky. They’re experts in crafting well-disguised delivery systems for their attacks, so that they look like benign emails and files. However, when clicked, they start their attack. Because of the way it’s disguised, avoiding ransomware altogether is tricky. However, there are a few things organizations and individuals can do to protect themselves. One of the most effective methods is installing antivirus software on all devices, which can catch ransomware before it’s installed. In addition, businesses should teach employees good digital literacy. Our article about some of the most common scams online can help with that. 

Most internet users are no stranger to the world of cyber attacks. Computer viruses have impacted nearly everyone in the past. However, large scale attacks on major industries may still seem new to many…even though they’ll become all too frequent in the future. Always keep one eye on the news and one on your own cybersecurity so you can reduce your chances of becoming the next victim of a cybercrime.