Is your critical infrastructure resilient against cyber threats? has been saved
Is your critical infrastructure resilient against cyber threats?
Ransomware attacks are on the rise with increasing persistence and sophistication. Even the strongest defenses may not prevent future cyberattacks.
The recent DarkSide ransomware attack on Colonial Pipeline serves as a reminder of the impact cyberattacks can have on critical infrastructure. Cyberattacks are on the rise, with increasing sophistication by threat actors who are adept in evasion techniques. This attack highlights the growing blur between the digital and physical world—and why organizations should take a serious look not just at their cyber defense posture, but also at the resiliency of their business in the event of a cyberattack.
Prevent compromise of IT from spreading to operational technologies (OT)
Colonial Pipeline is the largest supplier of gasoline, diesel, and jet fuel on the east coast. They transport 2.5 million barrels of fuel per day—nearly half of the east coast's total fuel supply—through their network of pipelines on the Gulf Coast and distribution centers across the eastern and southern United States.1 This cyberattack halted pipeline operations, impacting businesses and millions of people on the east coast of the United States.2
What makes this attack noteworthy?
- Colonial Pipeline temporarily halted all 5,500 miles of pipeline operations in an abundance of caution to contain the threat
- This cyberattack is considered unprecedented as a result of the impact to the oil industry — 45% of pipeline operators were affected; more than 17 states declared a state of emergency; and consumers suffered from oil supply shortages felt directly at the gas pump in parts of the country.2
- Shortly after the attack, a new executive order intended to improve national cybersecurity was announced highlighting the need for the federal government “to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life.”3
Lessons learned from the Colonial Pipeline ransomware attack
- Proactively plan for a crisis: Prepare for technology disruption scenarios (including cyber incidents)
- Map out your most critical systems and assets: Identify assets critical to your operations which could appeal as targets
- Prevent compromise of IT from spreading to OT: Segment your critical systems and OT network, deploy advanced monitoring for suspicious activity, and use jump-boxes to further control access
- Accelerate your adoption of Zero Trust: Assume breach and remove implicit trust from users, workloads, networks, and devices
- Increase resiliency of your business: Place as much importance on response efforts as prevention and detection including business resiliency planning and simulation exercises
- Go on offense: Modern security principles such as proactive threat hunting, machine learning, and self-healing systems can help you take an offensive approach
How Deloitte can help
Deloitte can help clients design, build, and operate dynamic, business-aligned security programs wherever they may be in their cyber journey. Services best aligned to ransomware response efforts include, but are not limited to the following:
- Cyber Resiliency & Recovering Planning
- Crisis Management
- Threat Hunting & Intelligence
- Attack Surface Management
- OT Security Architecture
- Zero Trust Transformation
- Identity & Access Management (IAM)
- Threat Detection & Response
- Incident Response Retainers & Forensics
- User Behavior Analytics (UBA) Monitoring
- Red Teaming and Penetration Testing
- Breach & Attack Simulations