Cyber Attack on Colonial Pipeline causes Presidential Executive Order on Cybersecurity

This past week, our team attended a virtual conference with over 200 other IT providers worldwide. We were learning about cybersecurity and ways to protect our customers.

Ironically, there is a gas shortage as a ransomware attack has hit the Colonial Pipeline.

Now more than ever, you need to secure your business as Ransomware attacks are on the rise for both large and small companies alike.

You may only hear about the large ransomware or cybersecurity events in the news. However, this hits all businesses, large and small.

Coulson Technologies was calling to help a few of these in South Central PA, and many of them are small companies with as few as three employees.

Gov. Ron DeSantis on Tuesday declared a state of emergency over the cyber-attack that shut down the Colonial Pipeline.

The Colonial Pipeline, the biggest fuel pipeline in the U.S., delivering about 45% of what is consumed on the East Coast, was hit on Friday with a cyberattack by hackers who lock up computer systems and demand a ransom to release them. The attack raised concerns, once again, about the vulnerability of the nation’s critical infrastructure.

A large part of the pipeline resumed operations manually late Monday, and Colonial anticipates restarting most of its operations by the end of the week, according to U.S. Energy Secretary, Jennifer Granholm.

DeSantis stated in a press conference earlier in the day that the state was monitoring the situation.

“I think this is something that demands really serious federal attention,” DeSantis stated, “My fear is you have these gas shortages; it’s going to cause a lot of problems for people.”

This past Wednesday (May 12^th), President Joe Biden signed an executive order which highlighted our need for a more robust cybersecurity posture on our critical infrastructure and system.

Parts of this order we find to be especially concerning,

“Requires IT service providers to tell the government about cybersecurity breaches that could impact U.S. networks, and removes certain contractual barriers that might stop providers from flagging breaches.”

This requirement forces IT Companies to inform the government about breaches. This notification is no longer optional.

An additional clause to note regarding encryption and 2FA,

“Mandates deployment of multifactor authentication and encryption with a specific time period.”

If your system is hacked, breached, or ransomed, law enforcement and the government will not help you. It will all be on you, regardless of who is holding you ransom.

It is crucial to protect your business today by locking your system down with a combination of whitelisting and ring fencing. Schedule a quick 10 minute discovery call to see if you qualify for our free network assessment!