Show an ad over header. AMP

I am the FIRST

The ransomware pandemic

"We are on the cusp of a global pandemic," said Christopher Krebs, the first director of the Cybersecurity and Infrastructure Security Agency, in Congressional testimony last week. The virus causing the pandemic isn't biological, however. It's software.

Why it matters: Crippling a major U.S. oil pipeline this weekend initially looked like an act of war — but it's now looking like an increasingly normal crime, bought off-the-shelf from a "ransomware as a service" provider known as DarkSide.


Driving the news: Colonial runs the largest refined products pipeline in the country, transporting over 100 million gallons per day. It was shut down on Sunday in response to a ransomware attack, and will be reopened in "an incremental process" over the course of this week, per a corporate statement.

  • That's faster than the market expected — energy prices fell after the statement was released, after rising on the initial shutdown news.

The big picture: No company is safe from ransomware, and often the lines between criminals and state actors can be fuzzy. Preventing even bigger future attacks will require a so-far elusive degree of coordination between the public and private sectors in dozens — if not hundreds of countries.

  • Threat level: Very high. "Cybersecurity will be the issue of this decade in terms of how much worse it is going to get," IBM CEO Arvind Krishna told reporters Monday.
  • Currently, per Forrester analyst Allie Mellen, companies' main strategy is to pay up if hit — and to try to be slightly less vulnerable to attack than their competitors. "What do security pros do right now to lower their risk in the face of future ransomware attacks? Outrun the guy next to you,” Mellen says.

Between the lines: If anything, Colonial Pipeline was lucky that it is so important to the functioning of the American economy. Its systemic status helped to mobilize the full resources of the U.S. government, and even elicited an apology, of sorts, from DarkSide.

  • “Our goal is to make money and not creating problems for society," said the group in a statement on the dark web. "From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences.”

What they're saying: "There is no silver bullet for solving this challenge," concludes a major report on combating ransomware from the Institute for Security + Technology. "No single entity alone has the requisite resources, skills, capabilities, or authorities to significantly constrain this global criminal enterprise."

  • The fight will require the active involvement of the National Security Council, says the report, as well as much more regulation of cryptocurrency, which is invariably used to pay the ransom.
  • It will also require a major upgrade of technology systems at the state and local level, very few of which have been migrated to cloud-based systems that can try to keep one step ahead of the bad guys.

The bottom line: The Colonial Pipeline attack was so big that it couldn't help but make headlines. But most attacks are quietly paid off with no fanfare and no publicity, making it extremely difficult to gauge the true scale of the problem.

regular 4 post ff

infinite scroll 4 pff

Why the startup world needs to ditch "unicorns" for "dragons"

When Aileen Lee originally coined the term "unicorn" in late 2013, she was describing the 39 "U.S.-based software companies started since 2003 and valued at over $1 billion by public or private market investors."

Flashback: It got redefined in early 2015 by yours truly and Erin Griffith, in a cover story for Fortune, as any privately-held startup valued at $1 billion or more. At the time, we counted 80 of them.

Keep reading... Show less

Scoop: Facebook's new moves to lower News Feed's political volume

Facebook plans to announce that it will de-emphasize political posts and current events content in the News Feed based on negative user feedback, Axios has learned. It also plans to expand tests to limit the amount of political content that people see in their News Feeds to more countries outside of the U.S.

Why it matters: The changes could reduce traffic to some news publishers, particularly companies that post a lot of political content.

Keep reading... Show less

Insights

mail-copy

Get Goodhumans in your inbox

Most Read

More Stories