Colonial hack will focus government and operators on ransomware concerns: GlobalData
A cyberattack on the Colonial Pipeline may bring greater awareness to vulnerabilities in critical infrastructure and encourage governments and energy companies to bring more defensive efforts to bear, analysts say.
The 5,500-mile-long Colonial system, one of the largest in the U.S., was shut down on May 7 after a cyberattack involving ransomware was detected. The closure of the system was expected to continue for several days while the company and law enforcement looked into the breach.
Following the disclosure, David Bicknell, principal analyst, Thematic Research at GlobalData, said the impact will send a message to key stakeholders.
"The economic impact wrought by this cyberattack will bring home to government and energy operators the vulnerabilities in critical infrastructure. This is not the first ransomware cyberattack on an oil and gas utility - and it won't be the last - but it is the most serious. It is also potentially one of the most successful cyberattacks against US critical national infrastructure," he said. "Although cyberattacks have typically targeted corporate IT systems, the risk of those jumping across to operational technology (OT) systems has become much more prevalent.
"Next week's RSA cybersecurity conference would typically have discussed the threat to all organizations from ransomware attacks, but the extent and impact of this attack on a US fuel pipeline will make this a keynote issue. The security industry must find a way to help organizations - especially utilities - develop both defensive measures to prevent these attacks and the requisite best practice for responding to them," Bicknell concluded.