Companies are targeted for attack for various reasons. One predominant reason continues to be
revenue. Without the possibility of a payout, there isn’t much reason for a group to spend the resources
to attack the target.
One set of high value targets are pipelines. A few years ago, there was an issue with a pipeline in the US
(i.e., Colonial Pipeline in 2021). Another pipeline has been compromised with the same form of attack,
but in Canada. In this case, the Alpha V group successfully compromised the Trans-Northern Pipeline’s
systems in three provinces and applied the standard ransomware. They were able to exfiltrate
approximately 190GB of data. The successful attack occurred in 2023.
Unlike the US attack, there were no unplanned interruption for the pipeline’s operations. Unfortunately,
not much has been published as to the attack method used, depth of network penetration, and type of
data. Portions of this information could be helpful as to how best to secure other’s networks. If any
nuances would occur with this attack.
We must continue to be ever vigilant. This includes having internal systems checked more than once
over time.
No comments:
Post a Comment