Terry Olaes, Technical Director (North America) of Skybox Security comments: “As the Colonial Pipeline attack issue continues, it is likely to have a major impact on the nation’s oil supply as the breach continues to lock up the company's pipelines. The attack underscores why companies must double down on protecting their critical infrastructure."
Olaes has the following pointers on the attack and how organisations can prevent future breaches of this magnitude:
- Hackers now see critical infrastructure as low-hanging fruit. With the rise of Industrial IoT sensors coupled with outdated legacy IT systems not designed to withstand blistering hacks, this makes critical infrastructure a perfect target for cybercriminals.
- Recent research highlights how these types of attacks continue to trend upward as OT attacks jumped by 30% in 2020 alone and IIoT flaws increased 308% year-over-year.
- Leaders in this space are often in a Catch 22. OT-reliant industries (such as utilities and manufacturing) can’t afford to shut down for comprehensive overhauls of legacy technology; freezing operations means lost dollars. Hackers are seizing the opportunity to attack OT-reliant organisations, enterprises, and governments, knowing they will pay hefty ransoms to prevent disruption.
- Additionally, OT device vulnerability scans and remediation often happen only once or twice per year, if at all, limiting visibility on the constantly evolving threats and leaving vulnerabilities unpatched for months. Years of computer and network neglect only compound the urgent need to shore up security.
- Apathy is arguably the most significant risk to critical infrastructure security. Security and facility leaders in OT-dependent industries must evolve their thinking and take action to avoid ending up in the crosshairs of a hacker.
- Taking a proactive approach to visualise and analyse IT/OT networks and hybrid, multi-cloud collectively will provide critical insight into the attack surface and help prevent future OT attacks from happening.
Read the latest issue of World Pipelines magazine for pipeline news, project stories, industry insight and technical articles.
The May issue of World Pipelines includes a regional report on Canada’s oil and gas sector, as well as technical articles on integrity management software, leak detection, NDT, and project case studies. Don’t miss our feature on young pipeliners, in which World Pipelines’ Senior Editor Elizabeth Corner interviews the winners of the John Tiratsoo Award for Young Achievement, awarded by Young Pipeliners International, in partnership with PPIM.
Read the article online at: https://www.worldpipelines.com/business-news/11052021/skybox-security-comments-on-colonial-pipeline-hack/