Why is a Billion Dollar Pipeline Incapable of Defending Itself Against Ransomware?
The person in charge has some serious explaining to do. This sort of risk didn't come from nowhere.
May 14, 2021|
12:01 am
Bill Blunden
“This is why frontier life is so difficult.
Not because of the Indians or the elements but because of the idiots”
─Samantha, from the movie Bone TomahawkAs details emerge concerning the recent breach of Colonial Pipeline’s network the press has focused primarily on the fallout of the shutdown. In a manner similar to the coverage of events surrounding the financial collapse of 2008, the media’s collective spotlight is emphasizing the spectacle of the ensuing calamity and its scale rather than the underlying failures that enabled it. This indicates that an agenda is likely at work. Or maybe it’s just a twist of fate that all those bankers skipped off into the sunset with their annual bonuses?
Ransomware is a pervasive threat. Any chief information officer worth his salt will have the foresight to deploy the controls necessary to sufficiently raise the cost of attacks as well as limit the damage that they incur—particularly when it comes to protecting the American infrastructure. Entire frameworks have been designed for managing cybersecurity. They’ve been around for years. There is even guidance aimed squarely at the energy sector describing how to implement them. The security programs produced by these frameworks almost always involve essential activities like threat modeling and risk assessment, as well as performing table top exercises, penetration testing, and disaster recovery dry runs. It’s all about managing risk and forging a solid incident response playbook.
When leaders don’t cut corners frameworks yield results. For example, in 1991 the Federal Reserve of Minnesota successfully executed its disaster recovery plan after a water main burst above its data center. With the alacrity that comes from careful, deliberate, preparation the Federal Reserve’s emergency response team sprang into motion. In a matter of hours a backup data center in another city was brought online and began handling daily transactions thanks to the dedication of 50 employees. Based on statements from officials who understand its procedures, the Fed’s digital platform includes multiple layers of redundancy to the extent that it would probably take a nuclear first strike to knock America’s central banking system out of commission. And if the precautions taken during the Cold War are any indication, even that might not be sufficient.
more
https://www.theamericanconservative.com/articles/why-is-a-billion-dollar-pipeline-incapable-of-defending-itself-against-ransomware/