Security Cloud Courses About

What You Need To Know About the Colonial Pipeline Attack

Colonial Pipeline is recovering from a ransomware cyberattack. With any attack that has this level of visibility there’s a ton of assumptions and people leaping to conclusions…especially around attribution.

We don’t have a lot of information about the attack. That’s completely normal at this stage.

The team at Colonial Pipeline is working through their incident response process. Attribution doesn’t happen until the later stages of that process (if ever!) but a critical step is “containment.”

That’s what prompted the pipeline closure and—while difficult—it’s good that they took that step to reduce any potential damage.

Ransomware very often tries to encrypt any and all systems it can reach. Stopping the spread most likely saved the team an even bigger headache down the line

Learn more in this short…

References