Welcome to this week’s cybersecurity newsletter. If you turn your mobile phone, open a newspaper, or even try to get gas for your car in the Southeast, cybersecurity was on your mind. We are now starting to see the full impact of the hack of the Colonial Pipeline. While not the largest hack ever, it is certainly one of the first that so directly impacted so many so directly. It was impactful enough that the White House declared a state of emergency. As you already know, a Eastern European criminal gang has taken credit for this attack. In order to free up their systems, the pipeline operators actually paid the ransom of $5 million. The criminal group has since shut down, which is not uncommon in such an attack and could resurface. Of course, this was not the only cyberattack over the past several weeks. The DC police dept also had its records hacked.
The White House has responded with a sweeping executive order to counter this threat. What stands out the most is the requirement for software to be certified as secure. This will require a great deal of validation and testing so industry pushback is to be expected. I imagine the requirements will revolve around the idea of secure coding standards such as OWASP (OWASP Secure Coding Practices-Quick Reference Guide ).
The cybersecurity threat is real and has tangible impacts.
One mitigating action against ransomware attacks is backing up your data so in case you are attacked with ransomware, you need not pay to get the data back.
The federal government is rightly responding and yes, this will mean more regulations. Be proactive and start developing your organization’s cybersecurity strategy now!
Have a great week!