Members of the U.S. House of Representatives sought to understand why Colonial Pipeline paid ransom to DarkSide and how government can work with or regulate the private sector to prevent another crippling cyber attack.
Ransomware: To Pay Or Not To Pay
(Credit: Pexels)
Ransomware is a growing threat for utilities, as most recently evidenced by the May attack on Colonial Pipeline, and cybersecurity has been cited as a top ESG concern, according to the RBC Global Asset Management Responsible Investment Survey.
Whether or not to pay large sums of money to attackers is hotly debated. In Colonial’s case, the company ultimately made the decision to pay about $5 million in ransom – out of concern for prolonged pipeline outage resulting in energy shortages – though federal investigators were able to recover more than half of that. Colonial worked closely with government agencies, law enforcement officials, and several consultants, including Dragos, Mandiant Threat Intelligence and Black Hills Information Security, to determine its strategy to address the attack.
WASHINGTON — The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password,
According to a cybersecurity consultant who responded to the attack, the hacking that caused the largest fuel pipeline disruption in the United States and