2021-05-21T03:36:00Z

What lessons can be learned from the Colonial Pipeline ransomware attack?


Colonial Pipeline has confirmed it paid a $4.4m (£3.1m) ransom, according to the BBC.

Earlier this month, Hugh wrote about it in this article: The Colonial Pipeline Ransomware Attack: Preventing the Next Cybercrime Disruption of Critical Infrastructure

Lessons from the Colonial Pipeline ransomware attack

Dear community, please share your professional opinions with other peers on what lessons we can learn from this ransomware attack.

What can be done better in the future? Is it about backup and recovery tools? About EDR? 

Should the incident response be managed in a different way?

Thanks

ITCS user
Guest
13 Answers


At minimum, do the basics. Patch or mitigate vulnerabilities by isolating the access and impact. Invest in security (tools, people and processes), and always have backups and recovery tools (Veeam) and a regular, validated restore process that works (daily/diffs/weekly/monthly, etc.). Oh, and try not to let any 8th grade hackers into your systems, which is the hole Colonial left wide open for all of Darkside to do this easy hack.

2021-05-21T13:36:00Z
Evgeny Belenky
Community Manager

@ITSecuri7cfd thank you for your answer!
Would you say that EDR tools are as important as the backup & recovery tools? Can you please elaborate a bit on what sort of tools should be essential for such a facility?
Thanks

Evgeny Belenky
Community Manager

Hi @ITSecuri7cfd, just wanted to follow up on my question in the reply. Thanks
