Colonial Pipeline has confirmed it paid a $4.4m (£3.1m) ransom, according to BBC.
Earlier this month, Hugh has written about it in this article: The Colonial Pipeline Ransomware Attack: Preventing the Next Cybercrime Disruption of Critical Infrastructure.
Dear community, let's share your professional opinion with other peers on what lessons can we learn from this ransomware attack.
What can be done better in the future? Is it about backup and recovery tools? About EDR?
Should the incident response be managed in a different way?