Ransomware Attacks Endanger Infrastructure and the Businesses That Maintain It

May 13, 2021

In this week’s news, the dramatic shutdown of Colonial Pipeline has sent shockwaves through the United States. The company is the operator of the largest fuel pipeline in the US, moving fuel into states on the Eastern seaboard, transporting more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor. Founded in 1962 and headquartered in Alpharetta, Georgia, privately held company Colonial Pipeline provides roughly 45% of the East Coast’s fuel, including gasoline, diesel, home heating oil, jet fuel and military supplies.




Gangs Are Bold and Risk is High for Every Infrastructure Resource

Although early reports blamed this incident on nation-state hacking, FBI officials announced that the culprit is DarkSide, a Russian ransomware gang. Sources familiar with the operation say that the gang stole almost 100 gigabytes of data in the incident. DarkSide has compromised more than 40 victim organizations and demanded between $200,000 and $2 million in ransom from them since its emergence in August 2020. Colonial Pipeline has contracted FireEye Mandiant to manage the incident response investigation, and the US Federal Bureau of Investigation (FBI) has been briefing relevant federal authorities.

One of the biggest concerns that has spawned from this incident is the impact that a cybersecurity incident at a small company can have on the overall infrastructure in the United States. The fact that one phishing email can potentially shut down essential goods and services in great swathes of the country is incredibly dangerous. Thousands of SMBs in the US manage or own essential infrastructure that is more likely to be state-owned outside the US, and they aren’t serious about the implications of record-breaking ransomware attack volume. From pipelines to power plants, protecting companies in the private sector from risk is a critical priority in a country that regularly depends on privately owned infrastructure and resources to function.  




Several Senators, most notably Senate Intelligence Committee Chairman Mark Warner, D-Va., have begun to call for legislation that would require private companies to report cyberattacks to the government. The Senate Intelligence Committee will likely be holding hearings about this incident, the repercussions, and how to prevent further incidents in the near future. Many officials claim that they were unaware of the scope of vulnerabilities at so many SMBs controlling infrastructure. Senators and cybersecurity experts agree that more oversight and regulatory scrutiny for infrastructure targets is needed to prevent this type of attack from continuing to endanger major privately-held infrastructure targets. 

CISA contends that attacks like this have jumped more than 300% over the previous year. Sophisticated gangs are always on the hunt for vulnerabilities or opportunities that will allow them to strike at other high-value targets. The Colonial Pipeline attack comes amid rising concerns over the cybersecurity vulnerabilities in America’s critical infrastructure following a spate of recent incidents. Recent incidents have also drawn focus to another major pitfall of infrastructure cybersecurity vulnerability: the security of SMBs that perform services for or have other relationships with infrastructure targets.




This Trend Brings Trouble to More Places Than You Think

What this means is that if your business is operating or maintaining essential infrastructure assets, you’re definitely on a cybercriminal hit list. Even if your organization is just doing business with operators of critical infrastructure, your company is at risk. Information or credentials relating to companies like those will sell quickly in the booming dark web data markets. The danger is especially acute for MSPs who count infrastructure companies among their clientele. Using SolarWinds as an example, in that hack (launched with a phishing email), the threat actors hacked into SolarWinds because it enabled them to access their target’s network easily without raising suspicion.

In many cases, cybercriminals will choose to strike at businesses that serve infrastructure targets because their security is easier to penetrate. That makes it essential for organizations that connect to infrastructure targets to take their security extremely seriously. Like most of today’s disruptive cybercrime, DarkSide used a ransomware-laden phishing email to kick off the party. By keeping phishing email away from employee inboxes, companies reduce the chance that a dangerous message capable of crippling their operations could slip in. Businesses that have relationships with infrastructure targets will need to be extremely vigilant about spotting and stopping phishing before a disaster of this magnitude strikes them. 

That’s what makes Graphus an ideal security tool for protecting businesses that own, maintain or serve critical infrastructure from ransomware attacks and other phishing-based cybercrime. This powerful guardian catches and quarantines 40% more phishing messages than the competition. Plus, the AI isn’t going to be lured in by social engineering tricks. And the smart protection that you get from Graphus is always on and always operating at peak capacity, unlike stressed, tired or distracted employees, for the 24/7/365 protection that businesses need to support a remote or hybrid workforce.

Simple to operate with no complex integrations, this AI-driven automated email security solution constantly collects and analyzes threat intelligence without human intervention, freeing valuable personnel up for more skilled projects that require human supervision. Plus, the Graphus Dashboard makes it easy for businesses to see where their threats are coming from, enabling them to know that they need to use extra caution with emails from certain sectors or address unexpected vulnerabilities.  

Don’t wait until an employee accidentally clicks on a phishing email that is actually a disruptive ransomware attack. Contact our solutions experts today and put effective, cost-effective automated protection against phishing to work for your business.