Latest

Breach Notification

Colonial Pipeline Attack Leads to Calls for Cyber Regs

Scott Ferguson  •  May 12, 2021

The ransomware attack against Colonial Pipeline, which has disrupted the flow of gasoline and other petroleum products throughout the eastern U.S. since Friday, is prompting members of Congress to call for new cybersecurity regulations and ask probing questions about regulators' scrutiny of security measures.

►

Critical Infrastructure Security

Colonial Pipeline Attack: 'All Monsters Are Human'

Tom Field  •  May 12, 2021

In April, Cybereason published a blog describing its research into the DarkSide ransomware strain that infected Colonial Pipeline this past week. Sam Curry, CSO of Cybereason, shares insights on DarkSide and the tactics behind the new breed of ransomware attacks.

►

Critical Infrastructure Security

Colonial Pipeline: 'A Global Day of Reckoning'

Tom Field  •  May 11, 2021

Gregory Touhill, the retired Air Force general and former federal CISO under President Obama, minces no words when he describes the Colonial Pipeline ransomware attack as a "global day of reckoning" for critical infrastructure protection.

Business Continuity Management / Disaster Recovery

Assessing Whether a Nation-State Had a Role in Pipeline Attack

Steve King  •  May 11, 2021

Tom Kellerman of VMware Carbon Black shares his opinions about whether a nation-state was behind the recent ransomware attack on Colonial Pipeline and what the U.S. government should do to prevent other cyberattacks.

Cybercrime

DarkSide's Pipeline Ransomware Hit: Strictly Business?

Mathew J. Schwartz  •  May 11, 2021

"It's not personal ... It's strictly business." That line from "The Godfather" encapsulates the mindset of criminals who extort businesses using ransomware and other tools: Their imperative is profits, no matter any disruption they might cause to critical services, such as those provided by Colonial Pipeline.

Critical Infrastructure Security

FBI: DarkSide Ransomware Used in Colonial Pipeline Attack

Scott Ferguson , Doug Olenick  •  May 10, 2021

The FBI and White House confirmed Monday that the DarkSide ransomware variant was used in the Friday attack that caused disruptions at Colonial Pipeline Co., which operates a pipeline that supplies fuel throughout the eastern U.S. But the gang behind the ransomware tried to shift the blame to an affiliate.

►

Fraud Management & Cybercrime

Pipeline Attack: 'Time for a Disproportionate Response'

Tom Field  •  May 10, 2021

It’s serious, impactful and raises new questions about critical infrastructure protection. But don’t tell Philip Reitinger of the Global Cyber Alliance that the Colonial Pipeline ransomware attack is any kind of a “wake-up call.” He says we’re long past that.

Critical Infrastructure Security

Colonial Pipeline Confirms Ransomware Causing Disruptions

Scott Ferguson  •  May 8, 2021

Colonial Pipeline, which oversees more than 5,500 miles of pipeline that supplies fuel throughout the U.S. East Coast, confirmed Saturday that a ransomware attack has disrupted its services, and the company has taken some of its IT systems offline as a precaution.

Critical Infrastructure Security

US and UK Issue Joint Alert on Russian Cyber Activity

Doug Olenick  •  May 8, 2021

U.S. and U.K. cybersecurity, law enforcement and intelligence agencies issued a joint advisory Friday offering detailed information on how to defend against the activities of the Russian Foreign Intelligence Service, or SVR, in the wake of the 2020 SolarWinds supply chain attack.

Critical Infrastructure Security

US Physics Laboratory Exposed Documents, Credentials

Jeremy Kirk  •  May 7, 2021

The Fermilab physics laboratory in the U.S. has tidied up its systems after security researchers found weaknesses exposing documents, proprietary applications, personal information, project details and credentials.

Endpoint Security

How Patched Android Chip Flaw Could Have Enabled Spying

Prajeet Nair  •  May 7, 2021

A severe vulnerability in a system on certain Qualcomm chips, which has been patched, potentially could have enabled attackers to remotely control Android smartphones, access users' text messages and listen in on conversations, according to a new report from Check Point Software Technologies.

Fraud Management & Cybercrime

CISA Alert Describes FiveHands Ransomware Threat

Doug Olenick  •  May 7, 2021

The Cybersecurity and Infrastructure Security Agency has issued an alert providing more details on the threat posed by FiveHands ransomware attacks and offering risk mitigation tips.