Many in mainstream media have characterized the DarkSide attack on Colonial Pipeline, which operates a significant portion of the nation’s critical energy infrastructure, as a wake-up call for CIOs and CISOs. If that is the case, then they are hard of hearing: this klaxon has been sounding for many years, as company after company fends off ransomware attacks.

A senior administration official, speaking on background, commented that “these incidents are a reminder that our adversaries will use multiple methods of attack, whether hunting for coding errors or compromising our supply chains to create opportunity.” The official added that incidents such as the SolarWinds, Microsoft Exchange and Colonial Pipeline attacks share commonalities. The first is “a laissez-faire attitude toward cybersecurity.” The second is “poor software security and current market development of ‘build, sell, and maybe patch later.’”
