The ransomware attack against Colonial Pipeline, which has disrupted the flow of gasoline and other petroleum products throughout the eastern U.S. since Friday, is
Acting CISA Director Brandon Wales testifying before the Senate Homeland Security and Governmental Affairs Committee
The Cybersecurity and Infrastructure Security Agency is still awaiting more technical details from Colonial Pipeline about the Friday ransomware attack that forced it to shut down its operations, the agency s acting director told a Senate committee Tuesday. Right now, we are waiting for additional technical information on exactly what happened at Colonial so that we can use that information to potentially protect other potential victims down the road, Acting CISA Director Brandon Wales told the U.S. Senate Homeland Security and Governmental Affairs Committee.
The FBI, and not Colonial Pipeline, contacted CISA to help investigate the attack, and the agency s investigators have been working since the weekend to help determine the size and scope of the incident, Wales testified.
Secretary of Homeland Security Alejandro Mayorkas
About 50% to 70% of all ransomware attacks in the U.S. are targeting small and medium-sized businesses, costing the victims an estimated total of $350 million in the last year, Secretary of Homeland Security Alejandro Mayorkas said Wednesday in a speech to the U.S. Chamber of Commerce. The losses from ransomware are staggering. And the pace at which those losses are being realized is equally staggering, Mayorkas said, noting this is why DHS has made battling ransomware a priority.
DHS, through the U.S. Cybersecurity and Infrastructure Security Agency and the Secret Service, offers tools and educational programs that small businesses can access to help them better defend themselves from ransomware attacks - and more resources are on the way, Mayorkas said.
Colonial Pipeline: A Global Day of Reckoning
Compliance
Compliance
SecurityEditor) • May 11, 2021
Gregory Touhill, director, CMU SEI s CERT Division
Gregory Touhill, the retired Air Force general and former federal CISO under President Obama, minces no words when he describes the Colonial Pipeline ransomware attack as a global day of reckoning for critical infrastructure protection. It s a global day of reckoning from the standpoint of seeing critical infrastructure such as this go into a gridlock because of ransomware, says Touhill, who recently was appointed director of the CERT division of the Software Engineering Institute at Carnegie Mellon University. Further, it s a wake-up call for governments all around the world.
DarkSide s Pipeline Ransomware Hit: Strictly Business?
Compliance
euroinfosec) • May 11, 2021 It s not personal, Sonny. It s strictly business.
That immortal line from The Godfather encapsulates the mindset of criminals who extort businesses using ransomware and other tools: It s all about profits. If the group behind these attacks does mean to avoid social consequences in the future, they should stop carrying out attacks.
One of the gangs involved in such schemes has created a bigger than usual outcry because of its most recent target: Colonial Pipeline Co., which bills itself as being the largest U.S. refined products pipeline system, carrying millions of barrels of petroleum-derived fuels across the U.S. Eastern Seaboard each day.