Historical Colonial Pipeline Ransomware Attack: Detection vs. Enforcement
I think the whole world is now aware of the Colonial Pipeline Company ransomware attack, which occurred last week. The pipeline operation transports 100 million gallons of fuel each day to meet the demand of consumers across the eastern US, from Texas to New York. Responding to the ransomware attack on their IT systems, Colonial said they systematically took systems offline to contain the threat, and this resulted in halting pipeline operations and depleting the supply of gas to consumers.
What are we doing about this as an industry?
Breaches keep happening, the outcomes are getting way worse, and we keep doing the same thing. The definition of insanity, according to Albert Einstein, is doing the same thing over and over again and expecting a different result. The state of ransomware has reached epidemic proportions. Repeated, successful extortions of sizable ransoms from organizations across all industries are driving a continued increase in attacks. Pipelines are being shut down, hospital operations as well as the patients are being affected, utilities are getting compromised, and ransoms are being paid.
Organizations all over the globe are being attacked by ransomware, with average ransoms in the hundreds of thousands of dollars. Existing firewall and endpoint detection and response systems cannot protect networks from these attacks. It can take hours, days or weeks to mitigate and neutralize an attack. New zero-day ransomware variants make this even more challenging.
So … how can we address this ransomware issue?
We are currently in another global pandemic as well, COVID-19. To help contain the spread of the coronavirus we are social distancing, wearing masks and isolating ourselves in our homes. We are one giant, global human network, and spreading viruses from one person to the next is easy. Our corporate IT systems work in a very similar way: ransomware and malware can spread from computer to computer easily and extremely fast.
I work for Airgap Networks, a company dedicated to stopping ransomware in its tracks. Zero Trust is the right way to address the “ransomware pandemic” and Airgap’s Zero Trust Isolation platform provides a comprehensive solution for achieving this. A key part of shortening incident response comes with proper planning. Our ransomware kill switch can be set according to risk levels that are appropriate to your organization. The ransomware kill switch sharply reduces the ‘blast radius’ of any attack, usually to a single endpoint.
While there are many security companies trying to prevent ransomware from entering networks, Airgap’s Zero Trust Isolation protects your organization even if your perimeter is breached or if you have unpatched vulnerable servers inside your data center. The ransomware kill switch is built upon this zero-trust paradigm and can be installed quickly.
Why I joined Airgap Networks
Joining a startup is never a decision to take lightly, especially in the security space. Also, being a customer of security products is an equally daunting task, as there are so many solutions to consider. I’ve been running IT and security for years, and malware/ransomware has been an issue since the beginning. Hospitals, financial institutions, biotech companies and most industries are affected by ransomware. It has become an epidemic and is not only affecting IT systems, but also putting lives at risk and disrupting society. A new approach was needed to tackle this issue, and when I met the Airgap team they delivered with the Ransomware Kill Switch and the Zero Trust Isolation network. I couldn’t be more excited to join the Airgap team and build a future to secure companies from ransomware.
About Airgap Networks
The ransomware threat is growing rapidly. While there are a whole bunch of security companies that are trying to prevent ransomware from getting into your network, Airgap’s “Zero Trust Isolation Platform” protects your organization even if your perimeter is breached or if you have unpatched vulnerable servers inside your data center. Additionally, Airgap’s “Ransomware Kill Switch” is the most potent ransomware response for the IT organization. Airgap can be deployed in minutes without any agents, forklift upgrades, or design changes. The company was founded by highly experienced cybersecurity experts and the solution is trusted by large enterprises and service providers. For more details, check out https://airgap.io