Infrastructure hit again
It has been an upsetting world in the Cyber Security world over the weekend, as major infrastructure was disrupted again. This time it is closer to home.
But let’s start with the Colonial Pipeline ransomware attack we wrote about last week. It was revealed over the weekend that the owners of the Colonial Pipeline have paid the $5million dollar ransom to Darkside, the hackers that shut down their systems. The ransom was paid to prevent a data leak and to retrieve the data. However, it was Colonials’ own staff that may have rescued the data we are waiting on confirmation on this from sources.
Whilst this was happening, Toshiba announced it had been hit by a similar cyber attack on May 4th. Toshiba has not detected a data leak and says only minimal data was lost. since the attack, Toshiba has put more protective measures in place. This is all well and good, but should they not have acted before it happened? this is very much like bolting the gate after the horse has bolted. Cyber Crime is on the rise and we are very much aware of it.
These have both have big impacts on President Biden, Who on Thursday signed an Executive Order to improve the US Cyber Security Defenses. The fact that Colonial has paid the ransom is a blow to him. It has completely undermined his position and stance. It will increase the pressure to ban ransomware payments. The silver lining for those of us in Cyber Security is that it was the technical staff that got the data back, as Darkside was so slow in restoring it. they were probably happily spending their $5million.
Irish Health Care
Also over the weekend, we heard that Irish Health System had been breached in what has been described “as possibly the most significant cybercrime attack on the Irish state”. The attack has been described as ‘not espionage’, but The Irish PM has stated that they will not be paying any ransom. The Health system was temporarily shut down, but Emergency Services and the vaccine program continued without disruption. The attack is widespread and very significant, and it has been dubbed the most significant cybercrime attack on the Irish State.
The National Cyber Security Centre (NCSC) has said the Health Service Executive became aware of a significant ransomware attack on parts of its IT infrastructure in the early hours of Friday morning and the NCSC was informed of the issue and immediately activated its crisis response plan.
Prevention and Recovery
It is extremely easy for these sorts of attacks to happen, but they are also easy to protect against. This is a multi-touch protection program that includes the training of staff (your Human Firewall), having the right tools in place, and making sure you have a backup and response plan.
For help on any of the above, in touch today.