Cybercrime has been on the rise for years without showing signs of slowing down. The arrival of the COVID-19 pandemic added fuel to the fire, as millions of new opportunities to exploit vulnerabilities were available to malicious actors, with security professionals scrambling to catch up. What is different over the last few months is the high-profile nature of the attacks, and their potential to wreak major damage to infrastructure, logistics, and supply chains in the United States. Consider the following three recent attacks:
Florida Water Supply – In February 2021, an employee at a water treatment plant in Oldsmar, Florida, noticed odd behavior on his workstation. Initially, he was not concerned: the plant used TeamViewer for remote access and screen sharing, and his boss often connected to his computer to monitor systems at the facility. A few hours later, the behavior was observed again, this time with the intruder attempting to change the water supply’s levels of sodium hydroxide to over 1000 times the normal concentration. The operator was able to quickly reverse the activities and return all levels to normal.
Colonial Pipeline – In early May 2021, the Colonial Pipeline, which carries 45% of all fuel consumed on the East Coast, was hit with a ransomware attack that impacted the billing and financial systems. In response, Colonial Pipeline Company shut down all operations to contain the attack. The hackers also stole close to 100 gigabytes of sensitive data that they threatened to release if the ransom was not paid. As a result, major fuel shortages amid panic buying began to grip the southeast and mid-Atlantic for nearly two weeks. The company had long maintained that there was total segregation and isolation between the operational and data systems, which is critical to a harder secure posture but appears to have been at best a misrepresentation.
JBS SA – Just this past holiday weekend, a cyberattack on JBS, the world’s largest meat producer globally, forced the shutdown of some of the world’s largest slaughterhouses, wiping out nearly one-fifth of U.S. beef capacity. JBS suspended its North American and Australian computer systems after an organized assault on its servers, seriously delaying transactions with customers and suppliers. As this attack is so recent, information is still forthcoming as to how the attack was carried out and the extent of the damage done.
The relative ease with which hackers were able to breach these systems is concerning. Critical infrastructure and supply chain links have been exposed and major public disruption followed as a result. An organization charged with maintaining the integrity and smooth delivery of the water supply to a city using TeamViewer for remote management? A private pipeline company charged with transporting fuel for a significant percentage of the East Coast not following security best practices, leaving their network and data exposed?
Setting aside any specific analysis of why these specific industries and organizations have been targeted, the most pressing question is how? How does this keep happening and how do companies with fewer resources and smaller workforce prevent intrusion and protect themselves? Security is a critical component to every business’ operation; lacking a full understanding of the depth and breadth of vulnerabilities and potential threats that exist is like playing with fire.
Small businesses often fall into the trap of believing that because they are a small business, they are not likely to be targeted. According to the Verizon Business 2020 Data Breach Investigations Report, a third of data breaches last year involved small businesses. A 1 in 3 chance that you may potentially have to close your doors permanently. This is a risk you should not be willing to take. Wellforce provides customized, robust, adaptive AI-powered cybers security solutions with full 24/7 Security Operations Center support to help you sleep at night. Contact our expert consultants today for a free cybersecurity assessment to protect what is important to you. It’s time to take cybersecurity seriously.