Are you protected from ransomware?
The recent ransomware attack on the Colonial Pipeline company has been heavily covered in the news in recent days due to the massive impact it will on the fuel supply chain. For years, cybersecurity experts have been warning those in the petroleum industry of the likelihood and seismic impact of a ransomware attack. Rick Bos, Security Technical Lead at W. Capra added, “If it is possible for an automated ransomware botnet campaign to breach critical services, it is safe to assume attackers without strong financial motivation will have the same success.”
What do I need to do?
If you have seen the news about the Colonial Pipeline attack and have wondered if your organization could be impacted the same way, a Security Assessment is an excellent place to start. By bringing in W. Capra to assess your security posturing, you’ll have a third-party view of standards, best practices and the ever-evolving threat landscape that may need to be addressed in your organization.
Bos added, “When the details of this particular ransomware attack emerge in the coming days, we will give a more specific view as to some of the safeguards that can be put in place. The most likely attack vectors in this case are either misconfigured edge/cloud services or spear phishing based on my experience with previous ransomware campaign incidents. Security awareness and test phishing campaigns are critical to mitigate this scenario, but the best approach is zero trust architecture[1].”
Is ransomware just the latest security attack vector?
Ransomware has been on the rise in recent years and is now being described in some outlets as an epidemic. As seen with the Colonial Pipeline incident, the stakes are escalating as well. Bos suggested, “When considering security protection and prevention measures, if the goal is to not become the next headline, the time to start working on your approach is today. This isn’t something that should be planned and budgeted for 2022.”
W. Capra is dedicated to assisting clients with all things security. For further discussion, reach out to [email protected].
[1] https://www.nist.gov/publications/zero-trust-architecture
Related Insights
How Should You Introduce AI to Your Security Toolset?
There is no question that introducing AI capabilities into your company’s environment offers advantages for most business functions, including efficiencies […]
The Future of PCI DSS Scoping and Segmentation: What’s Changed?
Addressing Modern Network Challenges with PCI Security Standards Council’s New GuidelinesWritten by Josh Kennedy, W. Capra Senior PCI Consultant […]
Why should merchants work with W. Capra on their Fraud Management program?
All merchants in 2024 are concerned about and have plans in place to manage fraud related to their consumer payments […]
What’s In Store for Retail: Industry Trends to Watch
As uncertainty around the state of the economy lingers due to inflation, retailers need to be thinking about how they […]
Want to stay in touch? Subscribe to the Newsletter
