The big ransomware story this week is the big national story, too. A ransomware attack on a gas pipeline responsible for 45% of the East Coast’s fuel has led to an emergency declaration in 17 states. The hackers claim that targeting large-scale infrastructure was an accident. “Our goal is to make money,” they said, “not creating problems for society.”

Here’s a little more on that, along with other cybersecurity stories happening this week.


Colonial Pipeline Ransomware Attack Leads to Gas Shortages, Emergency Declaration

If you’ve seen any long lines at gas stations this week, you know how much chaos a single cyberattack can cause.  Gas pipeline operator Colonial was hit by ransomware nearly a week ago, and its systems have been largely offline since then.  This has shuttered its pipeline operations, which carry 2.5 million barrels of oil per day to states from Texas to New Jersey. While the pipeline’s closure shouldn’t have caused a shortage by now, the panic-buying that followed ensured that it did.

Russian hacking group DarkSide is believed to be the culprit. They’re a bit more famous than they would have liked to be this week, especially at the White House. So far, it looks like a cash-grab gone wrong – as if they tried to rob a bank and only realized after the fact that they were at the Federal Reserve. Their “corporate” website says they try to target profitable companies and stay away from governments. [Read More at Reuters]

Attack on Research Institution Highlights Dangers of Unsecured Networks

A college student tried to save a few hundred dollars by downloading pirated software, leading to a research institute losing a week’s worth of vital research data. Between these two events was a series of network security failures, including neglecting multi-factor authentication, role-based access control, and frequent backups.

The story serves as an excellent reminder of how organizations with permissive security environments are increasingly likely to face attacks, even if they’ve avoided them for years. Says one security researcher quoted in the article: “You’re not too big, too small, too hybrid, too virtualized or too ‘zero trust’. I promise. Things are very bad. Be prepared now and take serious mitigating measures.” [Learn more at ThreatPost]

Veterans Affairs Medical Records Leak May Be Due to Ransomware

This story is just breaking. Nearly 190,000 Veterans Affairs medical records found their way to an unsecured online folder – possibly by way of a hacking group that stole them and demanded payment to keep them confidential. Whatever the cause, the information included names, email addresses, phone numbers, medical record numbers and the reason individual patients scheduled the appointment. If a hacking group is involved, it’s just one of a growing number of government contractors facing ransomware attacks. [Learn more at ThreatPost]