The attack on Colonial Pipeline in May last year, which affected the company’s billing system, highlighted some cybersecurity gaps in both the US government and industries, as an attack on the IT systems of critical infrastructure was able to bring operational technology operations to its knees. Not only did the ransomware attack force Colonial Pipeline to go offline, but it also compromised the personal information of nearly 6000 individuals, highlighting the importance of adequate cybersecurity to protect both business operations and customers.
Even relatively naïve attacks are accompanied by a torrent of consequences while also revealing how far governments and OT industry asset owners must go to thwart cyber-attacks and implement defense-in-depth security control strategies to protect critical infrastructure. Unfortunately, Colonial Pipeline suffered these consequences and can now be used as an example to teach some valuable lessons about how to handle a cyber-attack. The primary takeaway for other organizations is to separate IT management and the actual operational technology. Other pipeline operators, for instance, have started paying more attention to how to…
