Ransomware Fail

On 5/7/2021, the Colonial pipeline which provides almost half of the east coast oil supply was shutdown by a ransomware attack. Service returned five days later, but only after Colonial paid almost $5 million in ransom to get the cyber keys.

Could this have been avoided?

The simple answer is YES. Legacy monolithic infrastructure architectures leave systems highly exposed to these type of attacks. The fact that a vital component to U.S. infrastructure was so exposed is both scary and mind numbing. It highlights gross incompetence in resiliency planning. At the worst case, it’s unimaginable that a vital service like that did not have the ability to rebuild infrastructure and roll back data to a pre-attack state.

In a forward thinking technology culture, it would seem more critical that resiliency planning would have looked more towards an IaaS or PaaS design in order to respond swiftly to any factors impacting production operations. Technology is available to have near real-time failover to alternate resources.

The Colonial Pipeline incident should serve as a message to all who oversee critical production environments to review their plans and ensure they are leveraging the best options to mitigate or avoid the evolving risks in the digital age.