Colonial Pipeline One Year On – Protecting Critical Infrastructure

by | May 18, 2022 | Thought leadership

The attack last year on Colonial Pipeline, a vital component of the US petroleum network, severely damaged the company’s operations, causing it to halt distribution of 2.5 million barrels of fuel per day across its 5,500 miles of pipe system. This amounted to about half of the fuel utilized on the US East Coast, prompting politicians to pass emergency legislation permitting fuel to be transported by road.

According to official media announcements at the time, Colonial Pipeline took systems offline to limit the threat, brought in third-party security experts and devised a system restart plan. The difficulty with this strategy – which focuses on addressing vulnerabilities only after an attack – is that the harm has already been done. Faced with this kind of situation, organizations often feel they are obliged to pay ransom demands or undertake costly recovery procedures.

Fast forward to today and, for every possible cybercrime victim, the underlying IT networks that allow them to function are becoming more complex, increasing the number of potential vulnerabilities. Even the tiniest Internet of Things (IoT) gadgets have suddenly become potential gateways to critical networks, providing bad actors with more choices for mounting potentially devastating cyber attacks.

While Colonial is the most well-known of the publicly documented critical infrastructure attacks, it is far from alone. Last year, approximately 650 ransomware incidents targeted vital infrastructure in the United States, according to the FBI’s 2021 Internet Crime Report. The volume and severity of attacks are likely to increase given current geopolitical tensions.

Proactive Security

So, where do we go from here? Organizations encounter a variety of threats and weaknesses that demand immediate attention, such as the hazards posed by file-based cyber security threats, which contain potentially dangerous content in about one out of every 100,000 files.

Despite the fact that most businesses understand the necessity of protecting their valuable files and data from malware and ransomware, the vast majority rely on antivirus and sandboxing technologies to do so. While these solutions are a vital element of any comprehensive cybersecurity plan, they can also introduce major security flaws.

For example, around 70% of malware found in files is of an unknown variant when it is received, making it invisible to reactive cybersecurity technologies. Exacerbating this problem, updating antivirus and sandboxing technologies can take up to 18 days, leaving systems vulnerable to attack.

Instead, critical infrastructure organizations must take a proactive approach to file security, and one of the most effective ways to do so is to use Content Disarm and Reconstruction (CDR) technology, which instantly cleans and rebuilds files to match their ‘known good’ manufacturer’s spec, removing potential threats automatically.

Closing all potential attack angles has become vital for critical infrastructure providers in order to defend public services and the wider national interest. According to the recent Five Eyes security advisory, for instance, “Critical infrastructure network defenders should prepare for and mitigate potential cyber threats—including damaging malware, ransomware, DDoS attacks, and cyber espionage.” In the current climate, proactive cybersecurity solutions are more critical than ever in order to ensure networks remain safe.
