Colonial pipeline ransom paid | Canada vulnerable to ransom attacks | The Cyber Review

May 16, 2021
Written by Farah

Colonial Pipeline hack, $5 million ransom

After the Colonial Pipeline cyber attack by Darkside, there were fuel shortages and four states declared a state of emergency. Ransomware attack are becoming more common and hackers are growing more sophisticated with their methods.

They are not just focusing on large businesses, but government agencies and infrastructures too. From solar power firms, water treatment plants, police departments, to pipelines.

The pipeline attack, from the dark web sent tens of thousands of Americans to panic-buy gas for their cars. On Wednesday, Colonial Pipeline said it had “initiated the restart” of operations, reportedly after paying a $5m ransom fee. But the long lines continued and gas prices hit high.

An expert said, "The average Darkside attack would ask for anywhere from $80,000 to $100,000 ransom, and they would typically do eight to 10 of these attacks a month, so they were bringing in about $12m a year.

They targeted lower ransoms but in the last few months, experts noticed they were going after larger organizations. Instead of focusing on a handful of smaller ones a month, they focus on one and get the most of out them. For many hacker groups, including DarkSide, their goal is to make money which they can when they target a larger entity.

Canada is ‘seriously vulnerable’ to ransomware attacks on critical infrastructure, says expert

The ransomware attack on the Colonial pipeline should put Canadians, especially government agencies and leaders on alert of attacks against critical infrastructure.

“My sense is we are seriously vulnerable, and this [attack] is a major canary in the coal mine,” said Christian Leuprecht, a Queen’s University professor and senior fellow in security and defence at the Macdonald Laurier Institute.

Leuprecht said cybersecurity is not a priority, the recent proposed federal budget has few new resources for improving cybersecurity of Canada's infrastructure.

Leuprecht also said ransomware “arguably is the most prolific cybersecurity threat out there today.”

Cybersecurity advice for small-businesses: Focus on basics

Small and medium-sized businesses should follow basic cybersecurity principles for protection against cyberattacks.

“Don’t get worried about being a cyber professional – the basics solve most of the problems,” Philip Reitinger, CEO of the Global Cyber Alliance told a virtual conference on risk and cybersecurity Wednesday hosted by Mastercard.

Know that it is every employee's responsibility to be cyber conscious and accountable especially since most small businesses do not have an IT department.

  • Turn on multi-factor authentication
  • Have strong passwords
  • Patch systems
  • Backup systems