A ransomware attack& has led to the shutdown of& the Colonial Pipeline, the& largest fuel pipeline& in the U.S.& The Colonial Gas pipeline supplies gasoline, jet fuel,& and other products to the eastern and southern U.S., providing 45% of the East Coast supply of fuel.&
As& relayed& by& Colonial Gas& on& May 8,& the privately-owned& company& suffered a ransomware attack.& While the details of the attack are unclear to this point,& attackers targeted& key& Colonial& information and operation& technology& systems,& encrypted data that& has& impacted& overall operations, and demanded ransom& to decrypt their data.& & &
As& reported, the& attack is currently being investigated& by the F.B.I., the U.S. Department of Energy, and the White House, as well as by a third-party cybersecurity firm.& &
The attack has& been& attributed& to the Russian& DarkSide& criminal group, and at present is& not& being viewed as& a state-sponsored attack.& In an attempt to& curb the impact of attacks by adversaries and criminal organizations, the Biden Administration is planning on launching an executive action& designed& to strengthen cybersecurity systems crucial to intelligence apparatus and critical infrastructure.& &
While reserve fuel supplies& are present,& Colonial announced today that they do not expect& operations& to return& before the end of this week,& raising the risk of supply issues reverberating throughout& our economy.& &
ACA guidance
The Colonial Pipeline& ransomware attack& is a stark reminder of just how vulnerable& companies are to& attacks,& the impact these attacks can have on& operations& and on the& supply chain,& and& the importance of& prioritizing cybersecurity risk management.& &
Recently,& ACA& Aponix& provided& guidance& on& protecting& organizations, and particularly those in the& energy sector,& from ransomware and other cybersecurity attacks,& including:&
-
Segregate& key networks& using demilitarized zones (DMZs)&
-
Maintain offline& backups&
-
Perform& risk assessments& and network penetration& testing&
-
Review incident response plans&
-
Enhance& phishing prevention& training& efforts&
The attack likewise& necessitates& a call to action for private equity (PE) firms in relation to the& cybersecurity risk management& of their& portfolio companies (portcos).& &
PE firms in general, and especially those with portfolio companies in the energy and infrastructure sector,& are advised to:&
- Recognize that criminals are increasingly targeting PE& firms considering the likelihood of ransomware payment,& due to:
- The perception& that companies held by private equity investors& have the& resources& to pay off huge& demands&
- The perception that& cybersecurity operations& at portfolio companies& are lean& due to& high profit& goals& &
- PE hesitancy to expose details of attacks& for fear of devaluing& portco& holdings& &
- The ease of locating& and& linking portfolio companies to PE firms due to disclosure& requirements& &
-
Involve the board and& senior& management in& planning and advancing portfolio-wide cybersecurity& efforts.&
-
Implement systems to monitor cyber risk on a portfolio-wide& basis.&
-
Implement recommendations for& cybersecurity enhancement, including penetration testing, network segregation,& risk assessments,& incident response planning, patch management, and implementing multi-factor authentication for all remote access points.&
-
Firms investing in energy& should ensure that cybersecurity is heightened at particularly vulnerable targets of the energy sector (e.g., segmentation/isolation of supervisory control and data acquisition (SCADA) services).&
How we help
ACA Aponix®& offers the following solutions that can help your firm protect itself in relation to this and similar cybersecurity warnings, and to enhance its cybersecurity in general:&
- Risk assessments and regulatory compliance testing services
- Threat intelligence, phishing testing and monitoring
- Operational resilience and governance
Download our& PortCo Defendâ„¢& portfolio company cybersecurity solution brochure.
If you have any questions, please contact your ACA Aponix consultant or contact us below.