Written by: Jay H.
According to a Canadian security expert, the ransomware attack on a major U.S. gas pipeline should be a wake-up call for complacent Canadians.
“My sense is we are seriously vulnerable, and this [attack] is a major canary in the coal mine”, Christian Leuprecht, a security and defence expert and Queen’s University professor, said in an interview days after the ransomware attack on Colonial Pipeline Co.
On May 7, the system operator learned of the attack and shut down its 5,500 miles of pipeline to contain the threat. This vital pipeline carries 45 percent of the East Coast’s fuel supplies, prompting the Biden administration to loosen regulations for the transport of petroleum products on highways to avoid fuel supply disruptions.
According to reports, the pipeline is slowly reopening its lines and expects to be fully functional by the end of this week.
Russian Ransomware Group Behind Attacks
The FBI confirms that the Darkside ransomware is responsible for the compromise of the Colonial Pipeline networks, said the bureau in a statement on Monday. We continue to work with the company and our government partners on the investigation. At the same time, U.S. President Joe Biden said during a press conference that while there is no evidence that the Russian government is behind the attack, DarkSide is Russian-based, so they share some responsibility.
In response, DarkSide issued a statement on their website saying that the group was not trying to hinder society.
“We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives. Our goal is to make money, and not creating problems for society,” said the group. “From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.
Canada’s Aging Infrastructure A Concern
However, “Canadians shouldn’t feel smug the attack didn’t happen here,” said Leuprecht. “Chances are any vulnerability in Colonial’s system also exists in Canadian pipeline firms.”
In 2019, the government proposed a $144.9 million budget for the cybersecurity of Canada’s critical infrastructure. Yet, the government has deployed neither the funds nor new legislation needed.
The 2019 budget stated the money would be dispersed over five years to protect Canada’s critical cyber systems including in the finance, telecommunications, energy and transport sectors. The funding relied on new legislation to introduce a new critical cyber systems framework, which still hasn’t transpired.
An attack on our aging infrastructure could be catastrophic. Since all critical infrastructures have internet connections, we could witness the same type of attack as the Colonial Pipeline“ or worse.
Overall, the key takeaway from this attack for Canadian citizens and political leaders is that it is not a matter of if a cyberattack will occur; it’s a matter of when.
Your organization is also at risk of cyberattacks, including data breaches, malware, and other threats. Consider partnering with a managed IT service provider such as Design2Web IT to protect your organization from cybercriminals. Contact us today to see how we can help your business stay safe.
Comments are closed.