Early last year, as most of the country’s attention was focused on a global pandemic, a Russian nation-state cyberattack targeted SolarWinds’ Orion product. The Cybersecurity and Infrastructure Security Agency (CISA) issued a report stating that around 18,000 US public and private customers were affected in the attack. Last Friday, Colonial Pipeline was similarly attacked. Effects were quickly felt as gas shortages spread throughout the East Coast. In a year replete with health and social crises, cybersecurity has been a backburner concern for many. However, recent attacks highlight instability in our critical infrastructure’s cybersecurity and demand an immediate response.
The SolarWinds attack was attributed to the Russian SVR Foreign Intelligence Service. It was a sophisticated attack leveraging a nefarious workforce of an estimated 5,000 people. Their method was a ‘supply chain attack’, which targets the development of software before it is distributed: cyber criminals insert software of their own to access an organization’s network and data. Although the cause has not yet been made public, the Colonial Pipeline attack appears to have been much less sophisticated.
Believed to be the product of a group called DarkSide, a professional and well-organized gang, this attack also stems from Russia. Using the ‘ransomware attack’ method, DarkSide in all probability created socially engineered clickbait. From there, DarkSide encrypted the software so the pipeline could no longer operate and had to shut down.
Far more concerning, criminal organizations with well-known tactics and well-known tools are still capable of attacking our country’s networks, largely because we are pervasively ill-prepared. Furthermore, the Federal Bureau of Investigation (FBI) estimates that only 10% of this type of cybercrime is ever reported. In essence, the SolarWinds and Colonial Pipeline attacks should serve as a wake-up call.
All of us have a role to play in combating ‘the bad guys’. It is easy to view cybersecurity as someone else’s problem or to believe our government is going to protect our data. In truth, we all need to take personal ownership of our data and cyber hygiene.
On a professional level, organizations like the Carolina Cyber Center are spearheading the effort to meet the need for ethical cyber professionals, providing workshops, tools and classes geared for anyone from amateurs to cyber professionals. On an individual level, there are four common techniques that can be used to prevent cyber-attacks.
First, create long passwords unique to every site. While it may seem like an overemphasized piece of advice, the truth is that if a password is easy to remember, it is easy to break. Second, utilize a password manager. This will aid in keeping your multiple passwords secure and assist in creating and maintaining the longer and more complex passwords that are necessary for your long-term security. Third, use disposable email accounts to limit the collection of your personal information and the potential for a malware threat to linger. Fourth and finally, ensure that the traffic of your communications is encrypted; in other words, do not visit a coffee shop and avail yourself of the free Wi-Fi without using a virtual private network (VPN).
For small businesses, go three inexpensive steps further. First, train your employees on an ongoing basis to look for the telltale signs of a phishing attack. Second, ensure your applications and systems are patched with the latest release. And third, place managed detection and response agents on your network to stay alert.
Whether you are new to IT or a seasoned professional, the Carolina Cyber Center provides training at every level. To learn more about what the Carolina Cyber Center offers, visit our website or call us at 828.419.0737.