Count of known DarkSide victims from August 2020 to April 2021 (Sources: Mandiant, Sophos)

Rise of DarkSide: Ransomware Victims Have Been Surging

Mathew J. Schwartz • May 12, 2021

For anyone wondering how the Russian-speaking, ransomware-wielding DarkSide crime syndicate was able to disrupt a major U.S. fuel pipeline, a more pertinent question might be: Why didn’t it happen sooner?

Critical Infrastructure Security

Attackers' Dwell Time Plummets as Ransomware Hits Continue

Latest

Fraud Management & Cybercrime

Biden's Cybersecurity Executive Order: 4 Key Takeaways

Scott Ferguson • May 13, 2021

By issuing a sweeping cybersecurity executive order on Wednesday, the Biden administration is attempting to take a critical step to address security issues that have come to light after recent cyberattacks. Here's an analysis of the order's key elements.

3rd Party Risk Management

Colonial Pipeline Attack: 'We're Simply Unprepared'

Tom Field • May 13, 2021

As former CISO of Pacific Gas & Electric, Bernie Cowens knows plenty about cyber securing the nation's critical infrastructure. He shares his informed opinion on the Colonial Pipeline ransomware attack and what public and private sector entities must do to shore up key defenses.

3rd Party Risk Management

Biden Signs Sweeping Executive Order on Cybersecurity

Doug Olenick • May 12, 2021

President Joe Biden signed an extensive executive order Wednesday that describes the government's plan to increase cybersecurity protection across the public and private sectors as well as secure the nation's infrastructure against the type of attack that targeted SolarWinds and its customers.

Critical Infrastructure Security

Colonial Pipeline Restarts Operations Following Attack

Scott Ferguson • May 12, 2021

Colonial Pipeline Co. announced Wednesday that it had restarted its operations following a ransomware attack last Friday. The company says it will take several days to restore all of its supply chain operations.

Critical Infrastructure Security

Colonial Pipeline Attack: 'All Monsters Are Human'

Tom Field • May 12, 2021

In April, Cybereason published a blog describing its research into the DarkSide ransomware strain that infected Colonial Pipeline this past week. Sam Curry, CSO of Cybereason, shares insights on DarkSide and the tactics behind the new breed of ransomware attacks.

Endpoint Detection & Response (EDR)

Tips on Implementing XDR

Suparna Goswami • May 11, 2021

When it comes to implementing XDR - cross-layered detection and response - enterprises need to be able to leverage their existing tools, says Aaron Sharp, cybersecurity consultant at Verizon Advanced Solutions.

Critical Infrastructure Security

Colonial Pipeline: 'A Global Day of Reckoning'

Tom Field • May 11, 2021

Gregory Touhill, the retired Air Force general and former federal CISO under President Obama, minces no words when he describes the Colonial Pipeline ransomware attack as a "global day of reckoning" for critical infrastructure protection.

Business Continuity Management / Disaster Recovery

Assessing Whether a Nation-State Had a Role in Pipeline Attack

Steve King • May 11, 2021

Tom Kellerman of VMware Carbon Black shares his opinions about whether a nation-state was behind the recent ransomware attack on Colonial Pipeline and what the U.S. government should do to prevent other cyberattacks.

Cybercrime

DarkSide's Pipeline Ransomware Hit: Strictly Business?

Mathew J. Schwartz • May 11, 2021

"It's not personal ... It's strictly business." That line from "The Godfather" encapsulates the mindset of criminals who extort businesses using ransomware and other tools: Their imperative is profits, no matter any disruption they might cause to critical services, such as those provided by Colonial Pipeline.

Fraud Management & Cybercrime

Pipeline Attack: 'Time for a Disproportionate Response'

Tom Field • May 10, 2021

It’s serious, impactful and raises new questions about critical infrastructure protection. But don’t tell Philip Reitinger of the Global Cyber Alliance that the Colonial Pipeline ransomware attack is any kind of a “wake-up call.” He says we’re long past that.

Critical Infrastructure Security

Colonial Pipeline Confirms Ransomware Causing Disruptions

Scott Ferguson • May 8, 2021

Colonial Pipeline, which oversees more than 5,500 miles of pipeline that supplies fuel throughout the U.S. East Coast, confirmed Saturday that a ransomware attack has disrupted its services, and the company has taken some of its IT systems offline as a precaution.

Critical Infrastructure Security

US and UK Issue Joint Alert on Russian Cyber Activity

Doug Olenick • May 8, 2021

U.S. and U.K. cybersecurity, law enforcement and intelligence agencies issued a joint advisory Friday offering detailed information on how to defend against the activities of the Russian Foreign Intelligence Service, or SVR, in the wake of the 2020 SolarWinds supply chain attack.