IT Chickens Coming Home To Roost?

Starting around 2001, many companies took an approach to IT that centered around reducing the overhead costs. These reductions manifested in 2 different ways. The first approach was to downsize the IT team, particularly by trimming out senior (and most expensive) technical professionals. The second was to tranform infrastructure from traditional servers to virtualized machines, and eventually to those hosted by others. The virtualization approach itself was thought to be a brilliant idea, but the implementation often fell short as resiliency was sacrificed for budget.

Recent cyber attacks and ransomware events have shined a spotlight on the risks that were accepted when the cost savings initiatives were adopted. As infrastructure budgets were trimmed, resiliency and multi-tiering of vetted data were considered to be excessive measures which only add overhead to the IT expenses. Similarly, as complicated data protection solutions were eliminated there was no longer the need for the experience IT professionals who could summarize the potential risks being adopted. Seasoned IT professionals, architects and engineers, have been replaced by coders who delivery a constrained set of deliverables set for the current SCRUM with no vision to the strategic plans.

In light of the increased risk of attack and potential costs, the question is now how companies (particularly those handling critical infrastructure) will respond. In a new infrastructure world that provides cloud services such as AWS and Google Cloud Platform, the costs of hosting may still be managed effectively. But, it may be time to re-think the role of strategic planning IT professionals to ensure that companies have available talent to review the data plans. Zero data loss, even under the most vicious ransomware attack, is completely possible with the correct data plan in place. The question is whether companies may now recognize this need, or if it might even reach the point of the government requiring a minimum level of integrity and recovery for any companies which provide services deemed to be critical infrastructure.

Ransomware Fail

On 5/7/2021, the Colonial pipeline which provides almost half of the east coast oil supply was shutdown by a ransomware attack. Service returned five days later, but only after Colonial paid almost $5 million in ransom to get the cyber keys.

Could this have been avoided?

The simple answer is YES. Legacy monolithic infrastructure architectures leave systems highly exposed to these type of attacks. The fact that a vital component to U.S. infrastructure was so exposed is both scary and mind numbing. It highlights gross incompetence in resiliency planning. At the worst case, it’s unimaginable that a vital service like that did not have the ability to rebuild infrastructure and roll back data to a pre-attack state.

In a forward thinking technology culture, it would seem more critical that resiliency planning would have looked more towards an IaaS or PaaS design in order to respond swiftly to any factors impacting production operations. Technology is available to have near real-time failover to alternate resources.

The Colonial Pipeline incident should serve as a message to all who oversee critical production environments to review their plans and ensure they are leveraging the best options to mitigate or avoid the evolving risks in the digital age.