Last month, people across the East Coast of the United States waited in long lines at the gas pump after a ransomware cyberattack crippled a significant gas pipeline that delivers nearly half of the fuel to the region.
It took Colonial Pipeline, which manages nearly 5,500 miles of gas pipelines, approximately a week to get its systems back online and ensure their safety. The company even agreed to pay a $4.4 million ransom to hackers to decrypt their data following the attack, though a full recovery still took some time to complete.
While an organization like the Colonial Pipeline might present a significant target to hackers given its importance to the overall national industry, the reality is that ransomware attacks are hitting businesses of every size and in every economic sector. Organizations need to make sure they are taking the necessary protections and preparing their businesses to respond in the event of an attack.
Protections and preparation are crucial for SMBs, who are likely not to have the same scale of resources as a large enterprise. How many small businesses, for instance, could afford to pay $4.4 million in ransom? According to one report, 60 percent of managed service providers (MSPs) said their SMB customers experienced a ransomware attack in the third quarter of last year. The average attack cost more than 4,200. (bloom.health)
One of the most effective ways to prevent a ransomware attack is to ensure your business has basic cybersecurity hygiene measures in place. A single compromised password has been attributed as the cause of the Colonial Pipeline attack. According to the Cybersecurity & Infrastructure Security Agency (CISA), organizations should take steps like ensuring multi-factor authentication, updating software, filtering network traffic, and implementing a user training program to reinforce security basics.
Additional measures may also be needed by SMBs in industries like manufacturing or utilities that operate critical infrastructure or operational technology (OT) networks. Historically, these networks have not received as many protections as traditional IT networks, though the Colonial Pipeline attack reinforced the importance of securing these networks. An MSP can help ensure an SMB has taken necessary security precautions to protect critical infrastructure, including properly segmenting OT networks from IT systems.
An MSP can play a critical role in ensuring these basic cybersecurity hygiene principles are put in place and maintained over a regular basis. In the unfortunate event of an attack, an MSP can also assist with remediation and response to limit its impact on the business.
By acting as a trusted advisor to their SMB customers, MSPs can educate them on the importance of investing in protecting their organization against ransomware and ensuring their businesses can withstand a potentially devastating attack like the one that affected Colonial Pipeline.